Import of LukeM's ftpd version 1.1.

contrib/lukemftpd/COPYING

@@ -0,0 +1,47 @@
+Copyright 2001 Luke Mewburn <lukem@netbsd.org>.  All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions
+are met:
+1. Redistributions of source code must retain the above copyright
+   notice, this list of conditions and the following disclaimer.
+2. Redistributions in binary form must reproduce the above copyright
+   notice, this list of conditions and the following disclaimer in the
+   documentation and/or other materials provided with the distribution.
+3. All advertising materials mentioning features or use of this software
+   must display the following acknowledgement:
+	This product includes software developed by Luke Mewburn.
+4. The name of the author may not be used to endorse or promote products
+   derived from this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
+IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
+INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
+OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR
+TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE
+USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+This product also contains software developed by other people, and you
+are advised to read the various source files to read the full details
+of the other licenses. Those licenses also require the following
+acknowledgements:
+
+	This product includes software developed by the NetBSD Foundation,
+	Inc.  and its contributors.  Those contributors include:
+		- Simon Burge
+		- Luke Mewburn
+		- Christos Zoulas
+
+	This product includes software developed by the University of
+	California, Berkeley and its contributors.  Those contributors
+	include:
+		- Michael Fischbein
+		- Guido van Rossum
+		- Institute of Electrical and Electronics Engineers, Inc
+
+	This product includes software developed by Christos Zoulas.
+

contrib/lukemftpd/ChangeLog

@@ -0,0 +1,176 @@
+Wed May  9 02:04:08 UTC 2001	lukem
+
+	* released 1.1
+
+Sat Apr 28 07:13:57 UTC 2001	lukem
+
+	* released 1.1 beta 1
+
+	* determine if crypt() and getusershell() need declarations
+
+Wed Apr 25 06:27:08 UTC 2001	lukem
+
+	* update to NetBSD-current 2001/04/25:
+		- update copyrights
+		- remove superfluous byte_count update in send_file_list
+		- use own code instead of bothering with glob() to do ~
+		  expansion in pathname; there's no need to support glob
+		  wildcards in this case when it's not expanded here in the
+		  non-~ case 
+		- As threatened, handle OOB commands from within ftpcmd.y. 
+		  This involved changing the yacc syntax to be line-oriented,
+		  rather than having it run against the entire input at once,
+		  and adding a flag to struct tab, to  indicate if or not
+		  it's acceptable for a command to occur OOB.
+
+Tue Apr 17 08:20:09 UTC 2001	lukem
+
+	* look for <arpa/nameser.h>
+
+	* pull in <arpa/nameser.h> for INADDRZ, IN6ADDRSZ and INT16SZ,
+	  and define if missing
+
+	* don't bother trying to use if_indextoname() in ip6_sa2str()
+	  (fixes problems on MacOS X)
+
+	* remove unused sverrno in warnx() and errx()
+
+Fri Apr 13 16:02:40 UTC 2001	lukem
+
+	* improve test for long long support so that it's only enabled
+	  if printf supports %ll or %q and they do the right thing.
+	  use %q instead of %ll #if HAVE_PRINTF_QD
+
+	* added NEWS file
+
+	* support S/Key with add support for --with-skey
+
+	* pull up changes made in NetBSD in ftpcmd.y revision 1.61:
+		make checkportcmd address family independent, and correct
+		IPv4 case.  PR 12558.
+
+Sun Apr  8 03:35:55 UTC 2001	lukem
+
+	* release 1.0
+
+Thu Apr  5 14:08:25 UTC 2001	lukem
+
+	* search for lockf and flock, and use the first found (in that
+	  order) to lock the pid files
+
+	* pull up fix to glob.c from rev 1.21 of NetBSD's __glob13.c:
+		- Fix sentinel for the buffer in globtilde. It was off
+		  by x 2. Noted by Theo.
+
+Thu Mar 29 16:57:17 EST 2001	lukem
+
+	* release 1.0 beta 4
+
+	* merge ftpd from NetBSD-current (20010329):
+		- don't leak globbed memory.
+
+	* only look for setproctitle in -lutil if fparseln wasn't found in it
+
+	* only REPLACE_FUNC(fparseln) if it wasn't found in -lutil
+
+	* always compile in local glob; it's the best way to ensure that
+	  various security issues are fixed
+
+	* update glob(3) to netbsd-current (20010329), adding support for 
+	  GLOB_LIMIT and fixing various buffer overflows.
+
+	* support --enable-builtinls (default) and --disable-builtinls
+
+Sun Mar 18 10:14:17 UTC 2001	lukem
+
+	* detect if d_namlen exists in struct dirent, and use in
+	  fts_open() appropriately
+
+Sun Mar 18 08:30:01 UTC 2001	lukem
+
+	* released 1.0 beta3
+
+	* use inbuilt ls source
+
+	* autoconf improvements:
+		- replace missing fts_open, strmode, user_from_uid
+		- detect if optreset exists, and only use if it does
+		- fix AC_MSG strings (remove comma's from the messages)
+
+	* fixes to inbuilt ls:
+		- revert part of previous
+		- add rcsid
+		- remove stat_flags; flags_to_string is unused (i.e, ignore -o)
+		- conditionally support S_IFWHT
+		- hardcode blocksize to 1K
+		- remove support for nsec comparison in time sorting
+
+Sat Mar 17 12:02:51 UTC 2001	lukem
+
+	* generate cat manpages
+
+	* merge ftpd from NetBSD-current (20010317):
+		- make sure we do not return stray " at the end of stirng,
+		  like bla"\0.  From: "William C. Allen" <allenwc@home.com>
+		- ensure replydirname() do not truncate the names.
+		  From: Paul Janzen <pjanzen@foatdi.harvard.edu>
+		- don't support t(erabyte) as a suffix in strsuftoll()
+		  #ifdef NO_LONG_LONG
+		- Use GLOB_LIMIT. Also fix a bug where gl_offs was not
+		  initialized and could contain trash.
+		- fix redundant declarations.
+		- comment or delete text after CPP directives.
+		- consistently use syslog priorities
+
+	* improve detection of working glob(), including requiring GLOB_LIMIT.
+	  don't bother explicilty looking for glob.h; the test above will
+	  detect that.
+
+	* update replacement glob() to support GLOB_LIMIT
+
+	* look for setproctitle in -lutil as well
+
+	* pull in <paths.h> if it exists, but still check each _PATH_xxx and
+	  define to something sane if not found; certain platforms have a
+	  lobotomised <paths.h>
+
+Fri Mar 16 08:27:09 EST 2001	lukem
+
+	* in getusershell.c, remove __P() and const cruft
+
+	* undef _PATH_FTPUSERS before defining
+
+	* define _PATH_SHELLS if there's no <path.h>
+
+Wed Mar 14 18:49:57 EST 2001	lukem
+
+	* released 1.0 beta2
+
+	* add COPYING INSTALL README THANKS
+
+	* replace missing vsyslog
+
+Sat Mar 10 09:15:46 EST 2001	lukem
+
+	* replace missing getusershell
+
+	* look for vfork and don't use if it doesn't exist
+
+	* note tru64 doesn't have vsyslog (still to fix)
+
+	* prototype getusershell et al if missing
+
+Fri Mar  9 06:27:08 EST 2001	lukem
+
+	* released 1.0 beta1
+
+	* look for libutil.h (FreeBSD) as well as util.h (NetBSD)
+
+	* change the way that glob(3) is checked for 4.4BSD feature
+	  compliance so that it's much more robust
+
+	* add strtoll()
+
+Thu Feb  1 12:24:00 EST 2001	lukem
+
+	* released 1.0 alpha

contrib/lukemftpd/INSTALL

@@ -0,0 +1,98 @@
+INSTALLATION INTRODUCTION
+-------------------------
+
+This file describes how to compile and install lukemftpd on your
+system.
+
+	============================================
+	=					   =
+	=  NOTE: You will need an ANSI C compiler. =
+	=					   =
+	============================================
+
+
+For most systems, execute the following to compile and install
+lukemftpd:
+	./configure
+	make
+	make install
+
+Preformatted manual pages for ftpd(8), ftpd.conf(5), and ftpusers(5) are
+also installed.  If you wish to install the sources, ensure that your system
+has up-to-date mandoc macros. groff ships with this macro suite,
+but it has bugs. Try:
+    ftp://ftp.netbsd.org/pub/NetBSD/NetBSD-current/src/share/tmac/
+for a more recent version.
+
+
+CONFIGURATION OPTIONS
+---------------------
+
+lukemftpd is configured using an `autoconf' generated `configure'
+script.  `configure' supports the following options:
+
+* The standard `autoconf configure' options, including:
+  --prefix=PREFIX         install architecture-independent files in PREFIX
+                          [/usr/local]
+  --exec-prefix=EPREFIX   install architecture-dependent files in EPREFIX
+                          [same as prefix]
+  --srcdir=DIR            find the sources in DIR [configure dir or ..]
+                          BSD or GNU make may be required for this to work.
+
+* Specific options:
+  --enable-ipv6           Enable IPv6 support (if your OS supports it)
+  --disable-ipv6          Disable IPv6 support (even if your OS supports it.) 
+                          [default: enabled].
+  --with-socks            Compile with SOCKS firewall traversal support.
+  --with-socks5[=PATH]    Compile with SOCKS5 firewall traversal support.
+  --with-socks4[=PATH]    Compile with SOCKS4 firewall traversal support.
+  --with-skey             Compile with S/Key authentication support.
+
+The following environment variables can be set to override various
+compiler related settings.
+  CC=compiler		specify name of the C compiler (default: gcc or cc)
+  CFLAGS=flags		specify flags to C compiler (default: -O -g or just -O)
+  LDFLAGS=flags		specify flags to linker (default: none)
+
+This can be achieved with:
+	env CC="compiler" CFLAGS="flags" LDFLAGS="flags" ./configure
+
+
+	============================================
+	=					   =
+	=  NOTE: You will need an ANSI C compiler. =
+	=					   =
+	============================================
+
+
+PLATFORM SPECIFIC NOTES
+-----------------------
+
+The following platforms & compilers have been tested:
+
+- Irix 6.5
+	- Compiler: /usr/local/bin/gcc
+	   version: egcs-1.1.2
+
+	  Configure with:
+		./configure --disable-builtinls
+	  as the in-built ls code doesn't appear to work due to
+	  problems in the fts routines.
+
+- Linux 2.4 kernel with glibc prior to 2.2
+	Configure with:
+		./configure --disable-ipv6
+	as glibc before 2.2 doesn't correctly support sin6_scope_id.
+
+- NetBSD 1.5 (i386)
+	- Compiler: /usr/bin/cc
+	   version: egcs-1.1.2
+
+- Solaris 2.6 (sparc)
+	- Compiler: /opt/SUNWspro/bin/cc
+	   version: WorkShop Compilers 5.0
+
+- Tru64 5.0
+	- Compiler: /bin/cc
+	   version: Compaq C V6.1-011 on Digital UNIX V5.0 (Rev. 910)
+

contrib/lukemftpd/Makefile.in

@@ -0,0 +1,29 @@
+# $Id: Makefile.in,v 1.1 2000/07/29 13:34:15 lukem Exp $
+#
+
+srcdir	= @srcdir@
+VPATH	= @srcdir@
+SHELL	= /bin/sh
+
+@SET_MAKE@
+
+SUBDIRS	= libukem src
+
+all:	ftpd
+
+ftpd:	@LIBUKEM@
+	( cd src; ${MAKE} )
+
+libukem.a:
+	( cd libukem; ${MAKE} )
+
+install clean:
+	@for i in ${SUBDIRS}; do \
+	    ( echo "$@ ===> $$i" ; cd $$i ; ${MAKE} $@ ); \
+	done
+
+distclean: clean
+	@for i in ${SUBDIRS}; do \
+	    ( echo "$@ ===> $$i" ; cd $$i ; ${MAKE} $@ ); \
+	done
+	rm -f Makefile config.cache config.log config.status config.h

contrib/lukemftpd/NEWS

@@ -0,0 +1,13 @@
+This is a brief description of the new features and fixes added to
+lukemftpd-1.1 since the release of lukemftpd-1.0.
+
+* Fixed checkportcmd for the IPv4 case.
+
+* Added support for S/Key authentication.
+
+* Use method other than glob(3) to do ~ expansion.
+
+* Improve portability.
+
+* Rewrite method of handling out-of-band operations, in order to more
+  easily support RFC2228 security extensions in a future release.

contrib/lukemftpd/README

@@ -0,0 +1,102 @@
+WHAT IS LUKEMFTPD?
+------------------
+
+`lukemftpd' is what many users affectionately call the enhanced ftp
+server in NetBSD (http://www.netbsd.org).  The `lukem' comes from
+the account name of the NetBSD developer who wrote most of the
+enhancements: Luke Mewburn <lukem@netbsd.org>.
+
+This package is a `port' of the NetBSD ftp server to other systems.
+
+The enhancements over the standard ftp server in 4.4BSD (and derivatives)
+include:
+	* command line options:
+		+ allow override of directory used by anonymous ftp (-a)
+		+ optional change of directory for configuration files (-c)
+		+ check whether a user would be granted access (-C)
+		+ specify email address for display messages (-e)
+		+ change hostname advertised as (-h, -H)
+		+ specify data port to listen on (-P)
+		+ keep track of the number of users logged in (-q, -Q)
+		+ permanently drop privileges (-r)
+		+ specify version advertised (-V)
+		+ log wu-ftpd style `xferlog' entries to syslog (-X)
+
+	* % escape sequences in files displayed to users (/etc/motd,
+	  /etc/ftpwelcome, ...)
+
+	* IPv6 support (from the KAME project).
+
+	* ftpusers(5) control of who may log in, and optional
+	  specification of a "class" to be associated with the
+	  specified user or group.
+
+	* ftpd.conf(5) to control various configuration options on
+	  a per-class basis.  The following options are supported:
+		+ address to advertise in PASV and LPSV responses
+		+ check the PORT command for validity
+		+ specify the directory to chroot(2) to
+		+ automatic in-line conversions (e.g, `.tar.gz'
+		  retrieval of directories)
+		+ display a file the first time a directory is entered
+		+ specify the home directory of the session (for "cd ~")
+		+ limit the maximum number of concurrent sessions
+		+ limit the maximum size of an uploaded file
+		+ set the default timeout and restrict the maximum
+		  timeout that a user may request
+		+ deny user from running the CHMOD, DELE, MKD, RMD, RNFR
+		  and UMASK commands
+		+ specify the motd(5) file to display upon login
+		+ specify a glob(3) pattern of files to notify a user
+		  of the existance of once a directory is entered
+		+ enable/disable the use of PASV and EPSV connections
+		+ limit the ports that PORT and LPRT may bind to
+		+ limit the transfer rate of transfers
+		+ limit the characters that may be used in an uploaded
+		  filename
+		+ set the umask
+		+ deny user from running APPE, STOR and STOU as well
+		  as CHMOD, ...
+
+	* In-built copy of ls(1) to implement LIST (unless disabled
+	  out with --disable-builtinls), so that /bin/ls does not need
+	  to exist inside the ftp tree.
+
+	* Virtual servers can be supported with a combination of
+	  ftpd(8) flags and support in the invoking inetd(8) program
+	  (such as that in NetBSD).
+
+	* Optional S/Key authentication (if configued with --with-skey).
+
+
+Features present in NetBSD's ftpd but not yet available in lukemftpd:
+	* logging active sessions to utmp(5) (-u, -U)
+	* logging completed sessions to wtmp(5) (-w, -W)
+
+
+INSTALLATION
+------------
+
+Refer to `INSTALL' for more information on how to compile and install
+lukemftpd.
+
+
+FEEDBACK / BUG REPORTS
+----------------------
+
+Please email feedback back to the maintainer: <lukem@netbsd.org>.
+
+
+COPYRIGHT
+---------
+
+lukemftpd is covered by a BSD-style copyright notice. Please refer to
+the file `COPYING' for more information.
+
+
+AVAILABILITY
+------------
+
+The primary ftp site for lukemftpd is:
+	ftp://ftp.netbsd.org/pub/NetBSD/misc/lukemftp/
+(the same location as lukemftp)

contrib/lukemftpd/THANKS

@@ -0,0 +1,9 @@
+Whilst a lot of the work in lukemftpd (both the original sources in NetBSD
+and this port) was done by me (Luke Mewburn), it would not be as useable
+without the enhancements, fixes, or input from the following people:
+
+Christos Zoulas			<christos@netbsd.org>
+Curt Sampson			<cjs@netbsd.org>
+Jun-ichiro itojun Hagino	<itojun@netbsd.org> 
+Matthew R. Green		<mrg@eterna.com.au>
+Todd Vierling			<tv@netbsd.org>

contrib/lukemftpd/acconfig.h

@@ -0,0 +1,101 @@
+/* $Id: acconfig.h,v 1.9 2001/04/28 07:11:06 lukem Exp $ */
+
+@TOP@
+@BOTTOM@
+
+/* Define if your compiler supports `long long' */
+#undef HAVE_LONG_LONG
+
+/* Define if *printf() uses %qd to print `long long' (otherwise uses %lld) */
+#undef HAVE_PRINTF_QD
+
+/* Define if in_port_t exists */
+#undef HAVE_IN_PORT_T
+
+/* Define if struct sockaddr.sa_len exists (implies sockaddr_in.sin_len, etc) */
+#undef HAVE_SOCKADDR_SA_LEN
+
+/* Define if socklen_t exists */
+#undef HAVE_SOCKLEN_T
+
+/* Define if AF_INET6 exists in <sys/socket.h> */
+#undef HAVE_AF_INET6
+
+/* Define if `struct sockaddr_in6' exists in <netinet/in.h> */
+#undef HAVE_SOCKADDR_IN6
+
+/* Define if `struct addrinfo' exists in <netdb.h> */
+#undef HAVE_ADDRINFO
+
+/*
+ * Define if <netdb.h> contains AI_NUMERICHOST et al.
+ * Systems which only implement RFC2133 will need this.
+ */
+#undef HAVE_RFC2553_NETDB
+
+/* Define if `struct direct' has a d_namlen element */
+#undef HAVE_D_NAMLEN
+
+/* Define if struct passwd.pw_expire exists. */
+#undef HAVE_PW_EXPIRE
+
+/* Define if GLOB_BRACE, gl_path and gl_match exist in <glob.h> */
+#undef HAVE_WORKING_GLOB
+
+/* Define if crypt() is declared in <unistd.h> */
+#undef HAVE_CRYPT_D
+
+/* Define if fclose() is declared in <stdio.h> */
+#undef HAVE_FCLOSE_D
+
+/* Define if optarg is declared in <stdlib.h> or <unistd.h> */
+#undef HAVE_OPTARG_D
+
+/* Define if optind is declared in <stdlib.h> or <unistd.h> */
+#undef HAVE_OPTIND_D
+
+/* Define if optreset exists */
+#undef HAVE_OPTRESET
+
+/* Define if pclose() is declared in <stdio.h> */
+#undef HAVE_PCLOSE_D
+
+/* Define if getusershell() is declared in <unistd.h> */
+#undef HAVE_GETUSERSHELL_D
+
+/* Define if `long long' is supported and sizeof(off_t) >= 8 */
+#undef HAVE_QUAD_SUPPORT
+
+/* Define if not using in-built /bin/ls code */
+#undef NO_INTERNAL_LS
+
+/* Define if using S/Key */
+#undef SKEY
+
+/*
+ * Define this if compiling with SOCKS (the firewall traversal library).
+ * Also, you must define connect, getsockname, bind, accept, listen, and
+ * select to their R-versions.
+ */
+#undef	SOCKS
+#undef	SOCKS4
+#undef	SOCKS5
+#undef	connect
+#undef	getsockname
+#undef	bind
+#undef	accept
+#undef	listen
+#undef	select
+#undef	dup
+#undef	dup2
+#undef	fclose
+#undef	gethostbyname
+#undef	getpeername
+#undef	read
+#undef	recv
+#undef	recvfrom
+#undef	rresvport
+#undef	send
+#undef	sendto
+#undef	shutdown
+#undef	write

contrib/lukemftpd/aclocal.m4

@@ -0,0 +1,257 @@
+dnl $Id: aclocal.m4,v 1.1 2000/07/29 13:34:15 lukem Exp $
+dnl
+
+dnl
+dnl AC_MSG_TRY_COMPILE
+dnl
+dnl Written by Luke Mewburn <lukem@netbsd.org>
+dnl
+dnl Usage:
+dnl	AC_MSG_TRY_COMPILE(Message, CacheVar, Includes, Code,
+dnl			    ActionPass [,ActionFail] )
+dnl
+dnl effectively does:
+dnl	AC_CACHE_CHECK(Message, CacheVar,
+dnl		AC_TRY_COMPILE(Includes, Code, CacheVar = yes, CacheVar = no)
+dnl		if CacheVar == yes
+dnl			AC_MESSAGE_RESULT(yes)
+dnl			ActionPass
+dnl		else
+dnl			AC_MESSAGE_RESULT(no)
+dnl			ActionFail
+dnl	)
+dnl
+AC_DEFUN(AC_MSG_TRY_COMPILE, [
+	AC_CACHE_CHECK($1, $2, [
+		AC_TRY_COMPILE([ $3 ], [ $4; ], [ $2=yes ], [ $2=no ])
+	])
+	if test "x[$]$2" = "xyes"; then
+		$5
+	else
+		$6
+		:
+	fi
+])
+
+dnl
+dnl AC_MSG_TRY_LINK
+dnl
+dnl Usage:
+dnl	AC_MSG_TRY_LINK(Message, CacheVar, Includes, Code,
+dnl			    ActionPass [,ActionFail] )
+dnl
+dnl as AC_MSG_TRY_COMPILE, but uses AC_TRY_LINK instead of AC_TRY_COMPILE
+dnl
+AC_DEFUN(AC_MSG_TRY_LINK, [
+	AC_CACHE_CHECK($1, $2, [
+		AC_TRY_LINK([ $3 ], [ $4; ], [ $2=yes ], [ $2=no ])
+	])
+	if test "x[$]$2" = "xyes"; then
+		$5
+	else
+		$6
+		:
+	fi
+])
+
+
+dnl
+dnl AC_LIBRARY_NET: #Id: net.m4,v 1.5 1997/11/09 21:36:54 jhawk Exp #
+dnl
+dnl Written by John Hawkinson <jhawk@mit.edu>. This code is in the Public
+dnl Domain.
+dnl
+dnl This test is for network applications that need socket() and
+dnl gethostbyname() -ish functions.  Under Solaris, those applications need to
+dnl link with "-lsocket -lnsl".  Under IRIX, they should *not* link with
+dnl "-lsocket" because libsocket.a breaks a number of things (for instance:
+dnl gethostbyname() under IRIX 5.2, and snoop sockets under most versions of
+dnl IRIX).
+dnl 
+dnl Unfortunately, many application developers are not aware of this, and
+dnl mistakenly write tests that cause -lsocket to be used under IRIX.  It is
+dnl also easy to write tests that cause -lnsl to be used under operating
+dnl systems where neither are necessary (or useful), such as SunOS 4.1.4, which
+dnl uses -lnsl for TLI.
+dnl 
+dnl This test exists so that every application developer does not test this in
+dnl a different, and subtly broken fashion.
+dnl 
+dnl It has been argued that this test should be broken up into two seperate
+dnl tests, one for the resolver libraries, and one for the libraries necessary
+dnl for using Sockets API. Unfortunately, the two are carefully intertwined and
+dnl allowing the autoconf user to use them independantly potentially results in
+dnl unfortunate ordering dependancies -- as such, such component macros would
+dnl have to carefully use indirection and be aware if the other components were
+dnl executed. Since other autoconf macros do not go to this trouble, and almost
+dnl no applications use sockets without the resolver, this complexity has not
+dnl been implemented.
+dnl
+dnl The check for libresolv is in case you are attempting to link statically
+dnl and happen to have a libresolv.a lying around (and no libnsl.a).
+dnl
+AC_DEFUN(AC_LIBRARY_NET, [
+   # Most operating systems have gethostbyname() in the default searched
+   # libraries (i.e. libc):
+   AC_CHECK_FUNC(gethostbyname, ,
+     # Some OSes (eg. Solaris) place it in libnsl:
+     AC_CHECK_LIB(nsl, gethostbyname, , 
+       # Some strange OSes (SINIX) have it in libsocket:
+       AC_CHECK_LIB(socket, gethostbyname, ,
+          # Unfortunately libsocket sometimes depends on libnsl.
+          # AC_CHECK_LIB's API is essentially broken so the following
+          # ugliness is necessary:
+          AC_CHECK_LIB(socket, gethostbyname,
+             LIBS="-lsocket -lnsl $LIBS",
+               AC_CHECK_LIB(resolv, gethostbyname),
+             -lnsl)
+       )
+     )
+   )
+  AC_CHECK_FUNC(socket, , AC_CHECK_LIB(socket, socket, ,
+    AC_CHECK_LIB(socket, socket, LIBS="-lsocket -lnsl $LIBS", , -lnsl)))
+  ])
+
+
+dnl Checks for SOCKS firewall support.
+dnl
+dnl Written by Matthew R. Green <mrg@eterna.com.au>
+dnl
+AC_DEFUN(AC_LIBRARY_SOCKS, [
+    AC_MSG_CHECKING(whether to support SOCKS)
+    AC_ARG_WITH(socks,
+    [  --with-socks            Compile with SOCKS firewall traversal support.],
+    [
+	case "$withval" in
+	no)
+	    AC_MSG_RESULT(no)
+	    ;;
+	yes)
+	    AC_MSG_RESULT(yes)
+	    AC_CHECK_LIB(socks5, SOCKSconnect, [
+		socks=5
+		LIBS="-lsocks5 $LIBS"], [
+	      AC_CHECK_LIB(socks, Rconnect, [
+		socks=4
+		LIBS="-lsocks $LIBS"], [
+		    AC_MSG_ERROR(Could not find socks library.  You must first install socks.) ] ) ] )
+	    ;;
+	esac
+    ],
+	AC_MSG_RESULT(no)
+    )
+
+    if test "x$socks" = "x"; then
+	AC_MSG_CHECKING(whether to support SOCKS5)
+	AC_ARG_WITH(socks5,
+	[  --with-socks5[=PATH]    Compile with SOCKS5 firewall traversal support.],
+	[
+	    case "$withval" in
+	    no)
+		AC_MSG_RESULT(no)
+		;;
+	    *)
+		AC_MSG_RESULT(yes)
+		socks=5
+		if test "x$withval" = "xyes"; then
+		    withval="-lsocks5"
+		else
+		    if test -d "$withval"; then
+			if test -d "$withval/include"; then
+			    CFLAGS="$CFLAGS -I$withval/include"
+			else
+			    CFLAGS="$CFLAGS -I$withval"
+			fi
+			if test -d "$withval/lib"; then
+			    withval="-L$withval/lib -lsocks5"
+			else
+			    withval="-L$withval -lsocks5"
+			fi
+		    fi
+		fi
+		LIBS="$withval $LIBS"
+		# If Socks was compiled with Kerberos support, we will need
+		# to link against kerberos libraries.  Temporarily append
+		# to LIBS.  This is harmless if there is no kerberos support.
+		TMPLIBS="$LIBS"
+		LIBS="$LIBS $KERBEROS_LIBS"
+		AC_TRY_LINK([],
+		    [ SOCKSconnect(); ],
+		    [],
+		    [ AC_MSG_ERROR(Could not find the $withval library.  You must first install socks5.) ])
+		LIBS="$TMPLIBS"
+		;;
+	    esac
+	],
+	    AC_MSG_RESULT(no)
+	)
+    fi
+
+    if test "x$socks" = "x"; then
+	AC_MSG_CHECKING(whether to support SOCKS4)
+	AC_ARG_WITH(socks4,
+	[  --with-socks4[=PATH]    Compile with SOCKS4 firewall traversal support.],
+	[
+	    case "$withval" in
+	    no)
+		AC_MSG_RESULT(no)
+		;;
+	    *)
+		AC_MSG_RESULT(yes)
+		socks=4
+		if test "x$withval" = "xyes"; then
+		    withval="-lsocks"
+		else
+		    if test -d "$withval"; then
+			withval="-L$withval -lsocks"
+		    fi
+		fi
+		LIBS="$withval $LIBS"
+		AC_TRY_LINK([],
+		    [ Rconnect(); ],
+		    [],
+		    [ AC_MSG_ERROR(Could not find the $withval library.  You must first install socks.) ])
+		;;
+	    esac
+	],
+	    AC_MSG_RESULT(no)
+	)
+    fi
+
+    if test "x$socks" = "x4"; then
+	AC_DEFINE(SOCKS)
+	AC_DEFINE(SOCKS4)
+	AC_DEFINE(connect, Rconnect)
+	AC_DEFINE(getsockname, Rgetsockname)
+	AC_DEFINE(bind, Rbind)
+	AC_DEFINE(accept, Raccept)
+	AC_DEFINE(listen, Rlisten)
+	AC_DEFINE(select, Rselect)
+    fi
+
+    if test "x$socks" = "x5"; then
+	AC_DEFINE(SOCKS)
+	AC_DEFINE(SOCKS5)
+	AC_DEFINE(connect,SOCKSconnect)
+	AC_DEFINE(getsockname,SOCKSgetsockname)
+	AC_DEFINE(getpeername,SOCKSgetpeername)
+	AC_DEFINE(bind,SOCKSbind)
+	AC_DEFINE(accept,SOCKSaccept)
+	AC_DEFINE(listen,SOCKSlisten)
+	AC_DEFINE(select,SOCKSselect)
+	AC_DEFINE(recvfrom,SOCKSrecvfrom)
+	AC_DEFINE(sendto,SOCKSsendto)
+	AC_DEFINE(recv,SOCKSrecv)
+	AC_DEFINE(send,SOCKSsend)
+	AC_DEFINE(read,SOCKSread)
+	AC_DEFINE(write,SOCKSwrite)
+	AC_DEFINE(rresvport,SOCKSrresvport)
+	AC_DEFINE(shutdown,SOCKSshutdown)
+	AC_DEFINE(listen,SOCKSlisten)
+	AC_DEFINE(close,SOCKSclose)
+	AC_DEFINE(dup,SOCKSdup)
+	AC_DEFINE(dup2,SOCKSdup2)
+	AC_DEFINE(fclose,SOCKSfclose)
+	AC_DEFINE(gethostbyname,SOCKSgethostbyname)
+    fi
+])

contrib/lukemftpd/config.h.in

@@ -0,0 +1,274 @@
+/* config.h.in.  Generated automatically from configure.in by autoheader.  */
+/* $Id: config.h.in,v 1.15 2001/04/28 07:11:46 lukem Exp $ */
+
+
+/* Define if the closedir function returns void instead of int.  */
+#undef CLOSEDIR_VOID
+
+/* Define to empty if the keyword does not work.  */
+#undef const
+
+/* Define if your C compiler doesn't accept -c and -o together.  */
+#undef NO_MINUS_C_MINUS_O
+
+/* Define if your Fortran 77 compiler doesn't accept -c and -o together. */
+#undef F77_NO_MINUS_C_MINUS_O
+
+/* Define to `long' if <sys/types.h> doesn't define.  */
+#undef off_t
+
+/* Define to the type of arg1 for select(). */
+#undef SELECT_TYPE_ARG1
+
+/* Define to the type of args 2, 3 and 4 for select(). */
+#undef SELECT_TYPE_ARG234
+
+/* Define to the type of arg5 for select(). */
+#undef SELECT_TYPE_ARG5
+
+/* Define if you have the ANSI C header files.  */
+#undef STDC_HEADERS
+
+/* Define if you can safely include both <sys/time.h> and <time.h>.  */
+#undef TIME_WITH_SYS_TIME
+
+/* Define if the closedir function returns void instead of int.  */
+#undef VOID_CLOSEDIR
+
+/* The number of bytes in a off_t.  */
+#undef SIZEOF_OFF_T
+
+/* Define if you have the err function.  */
+#undef HAVE_ERR
+
+/* Define if you have the fgetln function.  */
+#undef HAVE_FGETLN
+
+/* Define if you have the flock function.  */
+#undef HAVE_FLOCK
+
+/* Define if you have the fparseln function.  */
+#undef HAVE_FPARSELN
+
+/* Define if you have the fts_open function.  */
+#undef HAVE_FTS_OPEN
+
+/* Define if you have the getaddrinfo function.  */
+#undef HAVE_GETADDRINFO
+
+/* Define if you have the getgrouplist function.  */
+#undef HAVE_GETGROUPLIST
+
+/* Define if you have the getnameinfo function.  */
+#undef HAVE_GETNAMEINFO
+
+/* Define if you have the getspnam function.  */
+#undef HAVE_GETSPNAM
+
+/* Define if you have the getusershell function.  */
+#undef HAVE_GETUSERSHELL
+
+/* Define if you have the inet_net_pton function.  */
+#undef HAVE_INET_NET_PTON
+
+/* Define if you have the inet_ntop function.  */
+#undef HAVE_INET_NTOP
+
+/* Define if you have the inet_pton function.  */
+#undef HAVE_INET_PTON
+
+/* Define if you have the lockf function.  */
+#undef HAVE_LOCKF
+
+/* Define if you have the mkstemp function.  */
+#undef HAVE_MKSTEMP
+
+/* Define if you have the setlogin function.  */
+#undef HAVE_SETLOGIN
+
+/* Define if you have the setproctitle function.  */
+#undef HAVE_SETPROCTITLE
+
+/* Define if you have the sl_init function.  */
+#undef HAVE_SL_INIT
+
+/* Define if you have the snprintf function.  */
+#undef HAVE_SNPRINTF
+
+/* Define if you have the strdup function.  */
+#undef HAVE_STRDUP
+
+/* Define if you have the strerror function.  */
+#undef HAVE_STRERROR
+
+/* Define if you have the strlcat function.  */
+#undef HAVE_STRLCAT
+
+/* Define if you have the strlcpy function.  */
+#undef HAVE_STRLCPY
+
+/* Define if you have the strmode function.  */
+#undef HAVE_STRMODE
+
+/* Define if you have the strsep function.  */
+#undef HAVE_STRSEP
+
+/* Define if you have the strtoll function.  */
+#undef HAVE_STRTOLL
+
+/* Define if you have the user_from_uid function.  */
+#undef HAVE_USER_FROM_UID
+
+/* Define if you have the usleep function.  */
+#undef HAVE_USLEEP
+
+/* Define if you have the vfork function.  */
+#undef HAVE_VFORK
+
+/* Define if you have the vsyslog function.  */
+#undef HAVE_VSYSLOG
+
+/* Define if you have the <arpa/nameser.h> header file.  */
+#undef HAVE_ARPA_NAMESER_H
+
+/* Define if you have the <dirent.h> header file.  */
+#undef HAVE_DIRENT_H
+
+/* Define if you have the <err.h> header file.  */
+#undef HAVE_ERR_H
+
+/* Define if you have the <fts.h> header file.  */
+#undef HAVE_FTS_H
+
+/* Define if you have the <libutil.h> header file.  */
+#undef HAVE_LIBUTIL_H
+
+/* Define if you have the <ndir.h> header file.  */
+#undef HAVE_NDIR_H
+
+/* Define if you have the <paths.h> header file.  */
+#undef HAVE_PATHS_H
+
+/* Define if you have the <sys/dir.h> header file.  */
+#undef HAVE_SYS_DIR_H
+
+/* Define if you have the <sys/ndir.h> header file.  */
+#undef HAVE_SYS_NDIR_H
+
+/* Define if you have the <sys/sysmacros.h> header file.  */
+#undef HAVE_SYS_SYSMACROS_H
+
+/* Define if you have the <util.h> header file.  */
+#undef HAVE_UTIL_H
+
+/* Define if you have the crypt library (-lcrypt).  */
+#undef HAVE_LIBCRYPT
+
+/* Define if you have the nsl library (-lnsl).  */
+#undef HAVE_LIBNSL
+
+/* Define if you have the skey library (-lskey).  */
+#undef HAVE_LIBSKEY
+
+/* Define if you have the socket library (-lsocket).  */
+#undef HAVE_LIBSOCKET
+
+/* Define if you have the util library (-lutil).  */
+#undef HAVE_LIBUTIL
+
+/* Define if your compiler supports `long long' */
+#undef HAVE_LONG_LONG
+
+/* Define if *printf() uses %qd to print `long long' (otherwise uses %lld) */
+#undef HAVE_PRINTF_QD
+
+/* Define if in_port_t exists */
+#undef HAVE_IN_PORT_T
+
+/* Define if struct sockaddr.sa_len exists (implies sockaddr_in.sin_len, etc) */
+#undef HAVE_SOCKADDR_SA_LEN
+
+/* Define if socklen_t exists */
+#undef HAVE_SOCKLEN_T
+
+/* Define if AF_INET6 exists in <sys/socket.h> */
+#undef HAVE_AF_INET6
+
+/* Define if `struct sockaddr_in6' exists in <netinet/in.h> */
+#undef HAVE_SOCKADDR_IN6
+
+/* Define if `struct addrinfo' exists in <netdb.h> */
+#undef HAVE_ADDRINFO
+
+/*
+ * Define if <netdb.h> contains AI_NUMERICHOST et al.
+ * Systems which only implement RFC2133 will need this.
+ */
+#undef HAVE_RFC2553_NETDB
+
+/* Define if `struct direct' has a d_namlen element */
+#undef HAVE_D_NAMLEN
+
+/* Define if struct passwd.pw_expire exists. */
+#undef HAVE_PW_EXPIRE
+
+/* Define if GLOB_BRACE, gl_path and gl_match exist in <glob.h> */
+#undef HAVE_WORKING_GLOB
+
+/* Define if crypt() is declared in <unistd.h> */
+#undef HAVE_CRYPT_D
+
+/* Define if fclose() is declared in <stdio.h> */
+#undef HAVE_FCLOSE_D
+
+/* Define if optarg is declared in <stdlib.h> or <unistd.h> */
+#undef HAVE_OPTARG_D
+
+/* Define if optind is declared in <stdlib.h> or <unistd.h> */
+#undef HAVE_OPTIND_D
+
+/* Define if optreset exists */
+#undef HAVE_OPTRESET
+
+/* Define if pclose() is declared in <stdio.h> */
+#undef HAVE_PCLOSE_D
+
+/* Define if getusershell() is declared in <unistd.h> */
+#undef HAVE_GETUSERSHELL_D
+
+/* Define if `long long' is supported and sizeof(off_t) >= 8 */
+#undef HAVE_QUAD_SUPPORT
+
+/* Define if not using in-built /bin/ls code */
+#undef NO_INTERNAL_LS
+
+/* Define if using S/Key */
+#undef SKEY
+
+/*
+ * Define this if compiling with SOCKS (the firewall traversal library).
+ * Also, you must define connect, getsockname, bind, accept, listen, and
+ * select to their R-versions.
+ */
+#undef	SOCKS
+#undef	SOCKS4
+#undef	SOCKS5
+#undef	connect
+#undef	getsockname
+#undef	bind
+#undef	accept
+#undef	listen
+#undef	select
+#undef	dup
+#undef	dup2
+#undef	fclose
+#undef	gethostbyname
+#undef	getpeername
+#undef	read
+#undef	recv
+#undef	recvfrom
+#undef	rresvport
+#undef	send
+#undef	sendto
+#undef	shutdown
+#undef	write

contrib/lukemftpd/configure.in

@@ -0,0 +1,300 @@
+dnl $Id: configure.in,v 1.16 2001/04/28 07:11:06 lukem Exp $
+dnl
+dnl configure.in --
+dnl	process this file with autoconf to produce a configure script.
+dnl
+
+AC_REVISION($Revision: 1.16 $)dnl
+
+AC_INIT(lukemftpd.h)
+
+
+dnl Arguments for which features are included
+dnl
+AC_ARG_ENABLE(ipv6, [\
+  --enable-ipv6           Enable IPv6 support (if your OS supports it).
+  --disable-ipv6          Disable IPv6 support (even if your OS supports it) 
+                          [default: enabled].], 
+    opt_ipv6=$enableval,
+    opt_ipv6=yes)
+AC_ARG_ENABLE(builtinls, [\
+  --enable-builtinls      Enable built-in /bin/ls.  [default: enabled]
+  --disable-builtinls     Disable built-in /bin/ls.],
+    opt_builtinls=$enableval,
+    opt_builtinls=yes)
+
+
+dnl Checks for programs.
+dnl
+AC_PROG_MAKE_SET
+AC_PROG_CC
+AC_PROG_AWK
+AC_PROG_INSTALL
+AC_PROG_RANLIB
+AC_PROG_YACC
+AC_CHECK_PROGS(AR, ar)
+
+
+dnl Checks for libraries.
+dnl
+AC_CHECK_LIB(crypt, crypt)
+AC_CHECK_LIB(util, fparseln)
+if test $ac_cv_lib_util_fparseln != yes; then
+	AC_CHECK_LIB(util, setproctitle)
+fi
+AC_LIBRARY_NET
+AC_LIBRARY_SOCKS
+if test -n "$socks"; then
+	if test $opt_ipv6 = yes; then
+		echo "IPv6 is incompatible with socks, disabling IPv6 support"
+		opt_ipv6=no
+	fi
+fi
+AC_ARG_WITH(skey,
+[  --with-skey             Compile with S/Key authentication support.],
+[	if test $withval = yes; then
+		AC_CHECK_LIB(skey, skey_haskey)
+	fi ] )
+AC_MSG_CHECKING(whether to support S/Key)
+if test x"$ac_cv_lib_skey_skey_haskey" = "xyes"; then
+	AC_MSG_RESULT(yes)
+	AC_DEFINE(SKEY, 1)
+else
+	AC_MSG_RESULT(no)
+fi
+
+
+dnl Checks for header files.
+dnl
+AC_CONFIG_HEADER(config.h)
+AC_HEADER_DIRENT
+AC_HEADER_STDC
+AC_CHECK_HEADERS(arpa/nameser.h err.h fts.h libutil.h paths.h \
+		sys/sysmacros.h util.h)
+
+
+dnl Checks for typedefs, structures, and compiler characteristics.
+dnl
+AC_HEADER_TIME
+AC_TYPE_OFF_T
+AC_CHECK_SIZEOF(off_t, 0)
+AC_MSG_TRY_LINK(for long long, ftp_cv_HAVE_LONG_LONG, [
+#include <sys/types.h>] , [
+long long X = 2, Y = 1, Z;
+Z = X / Y; ], [
+AC_DEFINE(HAVE_LONG_LONG, 1)
+have_long_long=yes], [have_long_long=no])
+
+AC_MSG_TRY_COMPILE(for in_port_t, ftp_cv_HAVE_IN_PORT_T, [
+#include <sys/types.h>
+#include <netinet/in.h> ], [ in_port_t X ], [AC_DEFINE(HAVE_IN_PORT_T, 1)])
+
+AC_MSG_TRY_COMPILE(for sockaddr_in.sin_len, ftp_cv_HAVE_SOCKADDR_SA_LEN, [
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <netinet/in.h> ], [
+	struct sockaddr_in sin;
+	int X = sin.sin_len ], [AC_DEFINE(HAVE_SOCKADDR_SA_LEN, 1)])
+
+AC_MSG_TRY_COMPILE(for socklen_t, ftp_cv_HAVE_SOCKLEN_T, [
+#include <sys/types.h>
+#include <sys/socket.h> ], [ socklen_t X ], [AC_DEFINE(HAVE_SOCKLEN_T, 1)])
+
+if test $opt_ipv6 = yes; then
+
+	AC_MSG_TRY_COMPILE(for AF_INET6, ftp_cv_HAVE_AF_INET6, [
+#include <sys/types.h>
+#include <sys/socket.h> ],
+	    [ int X = AF_INET6 ], [AC_DEFINE(HAVE_AF_INET6, 1)])
+
+	AC_MSG_TRY_COMPILE(for struct sockaddr_in6, ftp_cv_HAVE_SOCKADDR_IN6, [
+#include <sys/types.h>
+#include <netinet/in.h> ],
+	    [ struct sockaddr_in6 X ], [AC_DEFINE(HAVE_SOCKADDR_IN6, 1)])
+
+fi
+
+AC_MSG_TRY_COMPILE(for struct addrinfo, ftp_cv_HAVE_ADDRINFO, [
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <netdb.h> ],
+	    [ struct addrinfo X ], [AC_DEFINE(HAVE_ADDRINFO, 1)])
+
+AC_MSG_TRY_COMPILE(for d_namlen in struct dirent, ftp_cv_HAVE_D_NAMLEN, [
+#if HAVE_DIRENT_H
+# include <dirent.h>
+#else
+# define dirent direct
+# if HAVE_SYS_NDIR_H
+#  include <sys/ndir.h>
+# endif
+# if HAVE_SYS_DIR_H
+#  include <sys/dir.h>
+# endif
+# if HAVE_NDIR_H
+#  include <ndir.h>
+# endif
+#endif ], [
+	struct dirent dp;
+	int X = dp.d_namlen; ], [AC_DEFINE(HAVE_D_NAMLEN, 1)])
+
+AC_MSG_TRY_COMPILE(for struct passwd.pw_expire, ftp_cv_HAVE_PW_EXPIRE, [
+#include <sys/types.h>
+#include <pwd.h> ],
+	    [ struct passwd pw;
+	      time_t X = pw.pw_expire ], [AC_DEFINE(HAVE_PW_EXPIRE, 1)])
+
+AC_C_CONST
+
+
+dnl Checks for library functions.
+dnl
+AC_REPLACE_FUNCS(err fgetln getaddrinfo getgrouplist getnameinfo \
+		getusershell inet_net_pton inet_ntop inet_pton mkstemp \
+		sl_init snprintf strdup strerror strlcat strlcpy strsep \
+		usleep vsyslog)
+AC_CHECK_FUNCS(flock lockf getspnam setlogin setproctitle vfork)
+if test $ac_cv_lib_util_fparseln != yes; then
+	AC_REPLACE_FUNCS(fparseln)
+fi
+
+LIBOBJS="$LIBOBJS glob.o"
+
+AC_MSG_TRY_COMPILE(for crypt() declaration, ftp_cv_HAVE_CRYPT_D, [
+#include <unistd.h> ], [ char *(*X)() = crypt ], [AC_DEFINE(HAVE_CRYPT_D, 1)])
+
+AC_MSG_TRY_COMPILE(for fclose() declaration, ftp_cv_HAVE_FCLOSE_D, [
+#include <stdio.h> ], [ int (*X)() = fclose ], [AC_DEFINE(HAVE_FCLOSE_D, 1)])
+
+AC_MSG_TRY_COMPILE(for optarg declaration, ftp_cv_HAVE_OPTARG_D, [
+#include <stdlib.h>
+#include <unistd.h> ], [ char *X = optarg ], [AC_DEFINE(HAVE_OPTARG_D, 1)])
+
+AC_MSG_TRY_COMPILE(for optind declaration, ftp_cv_HAVE_OPTIND_D, [
+#include <stdlib.h>
+#include <unistd.h> ], [ int X = optind ], [AC_DEFINE(HAVE_OPTIND_D, 1)])
+
+AC_MSG_TRY_LINK(for optreset, ftp_cv_HAVE_OPTRESET, [
+#include <stdlib.h>
+#include <unistd.h> ], [ int X = optreset ], [AC_DEFINE(HAVE_OPTRESET, 1)])
+
+AC_MSG_TRY_COMPILE(for pclose() declaration, ftp_cv_HAVE_PCLOSE_D, [
+#include <stdio.h> ], [ int (*X)() = pclose ], [AC_DEFINE(HAVE_PCLOSE_D, 1)])
+
+if test $ac_cv_func_getusershell = yes; then
+	AC_MSG_TRY_COMPILE(for getusershell() declaration,
+	ftp_cv_HAVE_GETUSERSHELL_D, [
+	#include <unistd.h> ], [ char *(*X)() = getusershell ],
+	[AC_DEFINE(HAVE_GETUSERSHELL_D, 1)])
+fi
+
+
+if test $have_long_long = yes -a $ac_cv_sizeof_off_t -ge 8; then
+
+dnl		We assume that if sprintf() supports %lld or %qd,
+dnl		then all of *printf() does. If not, disable long long
+dnl		support because we don't know how to display it.
+
+	AC_MSG_CHECKING(*printf() support for %lld)
+	can_printf_longlong=no
+	AC_TRY_RUN([
+		#include <stdio.h>
+		int main() {
+			char buf[100];
+			sprintf(buf, "%lld", 4294967300LL);
+			return (strcmp(buf, "4294967300"));
+		}
+	], [
+		AC_MSG_RESULT(yes)
+		can_printf_longlong=yes
+	], [
+		AC_MSG_RESULT(no)
+	], [ : ])
+
+	if test $can_printf_longlong != yes; then
+		AC_MSG_CHECKING(*printf() support for %qd)
+		AC_TRY_RUN([
+			#include <stdio.h>
+			int main() {
+				char buf[100];
+				sprintf(buf, "%qd", 4294967300LL);
+				return (strcmp(buf, "4294967300"));
+			}
+		], [
+			AC_MSG_RESULT(yes)
+			can_printf_longlong=yes
+			AC_DEFINE(HAVE_PRINTF_QD, 1)
+		], [
+			AC_MSG_RESULT(no)
+		], [ : ])
+	fi
+
+	if test $can_printf_longlong = yes; then
+		AC_DEFINE(HAVE_QUAD_SUPPORT, 1)
+		AC_REPLACE_FUNCS(strtoll)
+	fi
+
+fi
+
+
+have_rfc2553_netdb=no
+if test $ac_cv_func_getaddrinfo = yes -a ! -n "$socks"; then
+	AC_MSG_TRY_COMPILE(for AI_NUMERICHOST,
+	    ftp_cv_have_ai_numerichost, [
+	#include <sys/types.h>
+	#include <sys/socket.h>
+	#include <netdb.h> ],
+	    [ int X = AI_NUMERICHOST ], [ have_rfc2553_netdb=yes ])
+fi
+AC_MSG_CHECKING(for working getaddrinfo())
+if test $have_rfc2553_netdb = yes; then
+	AC_DEFINE(HAVE_RFC2553_NETDB, 1)
+	AC_MSG_RESULT(yes)
+else
+	if test $ac_cv_func_getaddrinfo = yes; then
+		LIBOBJS="$LIBOBJS getaddrinfo.o"
+		AC_MSG_RESULT(no - using local version)
+	else
+		AC_MSG_RESULT(using local version)
+	fi
+fi
+
+if test $ac_cv_func_sl_init = yes; then
+	AC_MSG_TRY_COMPILE(if sl_add() returns int, ftp_cv_INT_SL_ADD, [
+	#include <stringlist.h> ], [ int f = sl_add((StringList *)0, "foo") ],
+	[:] , [LIBOBJS="$LIBOBJS sl_init.o"])
+fi
+
+
+dnl Tests for stuff for inbuilt ls
+dnl
+
+if test $opt_builtinls = yes; then
+	AC_REPLACE_FUNCS(fts_open strmode user_from_uid)
+	LSOBJS="cmp.o ls.o print.o util.o"
+else
+	AC_DEFINE(NO_INTERNAL_LS,1)
+fi
+
+
+dnl Build libukem if necessary
+dnl
+
+if test -n "$LIBOBJS"; then
+	INCLUDES="$INCLUDES -I\${srcdir}/../libukem"
+	LDFLAGS="$LDFLAGS -L../libukem"
+	LIBS="$LIBS -lukem"
+	LIBUKEM=libukem.a
+	LIBDEPENDS="$LIBDEPENDS ../libukem/libukem.a"
+fi
+
+
+dnl Create the Makefiles
+dnl
+
+AC_SUBST(INCLUDES)
+AC_SUBST(LIBUKEM)
+AC_SUBST(LIBDEPENDS)
+AC_SUBST(LSOBJS)
+
+AC_OUTPUT(Makefile libukem/Makefile src/Makefile)

contrib/lukemftpd/install-sh

@@ -0,0 +1,251 @@
+#!/bin/sh
+#
+# install - install a program, script, or datafile
+# This comes from X11R5 (mit/util/scripts/install.sh).
+#
+# Copyright 1991 by the Massachusetts Institute of Technology
+#
+# Permission to use, copy, modify, distribute, and sell this software and its
+# documentation for any purpose is hereby granted without fee, provided that
+# the above copyright notice appear in all copies and that both that
+# copyright notice and this permission notice appear in supporting
+# documentation, and that the name of M.I.T. not be used in advertising or
+# publicity pertaining to distribution of the software without specific,
+# written prior permission.  M.I.T. makes no representations about the
+# suitability of this software for any purpose.  It is provided "as is"
+# without express or implied warranty.
+#
+# Calling this script install-sh is preferred over install.sh, to prevent
+# `make' implicit rules from creating a file called install from it
+# when there is no Makefile.
+#
+# This script is compatible with the BSD install script, but was written
+# from scratch.  It can only install one file at a time, a restriction
+# shared with many OS's install programs.
+
+
+# set DOITPROG to echo to test this script
+
+# Don't use :- since 4.3BSD and earlier shells don't like it.
+doit="${DOITPROG-}"
+
+
+# put in absolute paths if you don't have them in your path; or use env. vars.
+
+mvprog="${MVPROG-mv}"
+cpprog="${CPPROG-cp}"
+chmodprog="${CHMODPROG-chmod}"
+chownprog="${CHOWNPROG-chown}"
+chgrpprog="${CHGRPPROG-chgrp}"
+stripprog="${STRIPPROG-strip}"
+rmprog="${RMPROG-rm}"
+mkdirprog="${MKDIRPROG-mkdir}"
+
+transformbasename=""
+transform_arg=""
+instcmd="$mvprog"
+chmodcmd="$chmodprog 0755"
+chowncmd=""
+chgrpcmd=""
+stripcmd=""
+rmcmd="$rmprog -f"
+mvcmd="$mvprog"
+src=""
+dst=""
+dir_arg=""
+
+while [ x"$1" != x ]; do
+    case $1 in
+	-c) instcmd="$cpprog"
+	    shift
+	    continue;;
+
+	-d) dir_arg=true
+	    shift
+	    continue;;
+
+	-m) chmodcmd="$chmodprog $2"
+	    shift
+	    shift
+	    continue;;
+
+	-o) chowncmd="$chownprog $2"
+	    shift
+	    shift
+	    continue;;
+
+	-g) chgrpcmd="$chgrpprog $2"
+	    shift
+	    shift
+	    continue;;
+
+	-s) stripcmd="$stripprog"
+	    shift
+	    continue;;
+
+	-t=*) transformarg=`echo $1 | sed 's/-t=//'`
+	    shift
+	    continue;;
+
+	-b=*) transformbasename=`echo $1 | sed 's/-b=//'`
+	    shift
+	    continue;;
+
+	*)  if [ x"$src" = x ]
+	    then
+		src=$1
+	    else
+		# this colon is to work around a 386BSD /bin/sh bug
+		:
+		dst=$1
+	    fi
+	    shift
+	    continue;;
+    esac
+done
+
+if [ x"$src" = x ]
+then
+	echo "install:	no input file specified"
+	exit 1
+else
+	true
+fi
+
+if [ x"$dir_arg" != x ]; then
+	dst=$src
+	src=""
+	
+	if [ -d $dst ]; then
+		instcmd=:
+		chmodcmd=""
+	else
+		instcmd=mkdir
+	fi
+else
+
+# Waiting for this to be detected by the "$instcmd $src $dsttmp" command
+# might cause directories to be created, which would be especially bad 
+# if $src (and thus $dsttmp) contains '*'.
+
+	if [ -f $src -o -d $src ]
+	then
+		true
+	else
+		echo "install:  $src does not exist"
+		exit 1
+	fi
+	
+	if [ x"$dst" = x ]
+	then
+		echo "install:	no destination specified"
+		exit 1
+	else
+		true
+	fi
+
+# If destination is a directory, append the input filename; if your system
+# does not like double slashes in filenames, you may need to add some logic
+
+	if [ -d $dst ]
+	then
+		dst="$dst"/`basename $src`
+	else
+		true
+	fi
+fi
+
+## this sed command emulates the dirname command
+dstdir=`echo $dst | sed -e 's,[^/]*$,,;s,/$,,;s,^$,.,'`
+
+# Make sure that the destination directory exists.
+#  this part is taken from Noah Friedman's mkinstalldirs script
+
+# Skip lots of stat calls in the usual case.
+if [ ! -d "$dstdir" ]; then
+defaultIFS='	
+'
+IFS="${IFS-${defaultIFS}}"
+
+oIFS="${IFS}"
+# Some sh's can't handle IFS=/ for some reason.
+IFS='%'
+set - `echo ${dstdir} | sed -e 's@/@%@g' -e 's@^%@/@'`
+IFS="${oIFS}"
+
+pathcomp=''
+
+while [ $# -ne 0 ] ; do
+	pathcomp="${pathcomp}${1}"
+	shift
+
+	if [ ! -d "${pathcomp}" ] ;
+        then
+		$mkdirprog "${pathcomp}"
+	else
+		true
+	fi
+
+	pathcomp="${pathcomp}/"
+done
+fi
+
+if [ x"$dir_arg" != x ]
+then
+	$doit $instcmd $dst &&
+
+	if [ x"$chowncmd" != x ]; then $doit $chowncmd $dst; else true ; fi &&
+	if [ x"$chgrpcmd" != x ]; then $doit $chgrpcmd $dst; else true ; fi &&
+	if [ x"$stripcmd" != x ]; then $doit $stripcmd $dst; else true ; fi &&
+	if [ x"$chmodcmd" != x ]; then $doit $chmodcmd $dst; else true ; fi
+else
+
+# If we're going to rename the final executable, determine the name now.
+
+	if [ x"$transformarg" = x ] 
+	then
+		dstfile=`basename $dst`
+	else
+		dstfile=`basename $dst $transformbasename | 
+			sed $transformarg`$transformbasename
+	fi
+
+# don't allow the sed command to completely eliminate the filename
+
+	if [ x"$dstfile" = x ] 
+	then
+		dstfile=`basename $dst`
+	else
+		true
+	fi
+
+# Make a temp file name in the proper directory.
+
+	dsttmp=$dstdir/#inst.$$#
+
+# Move or copy the file name to the temp name
+
+	$doit $instcmd $src $dsttmp &&
+
+	trap "rm -f ${dsttmp}" 0 &&
+
+# and set any options; do chmod last to preserve setuid bits
+
+# If any of these fail, we abort the whole thing.  If we want to
+# ignore errors from any of these, just make sure not to ignore
+# errors from the above "$doit $instcmd $src $dsttmp" command.
+
+	if [ x"$chowncmd" != x ]; then $doit $chowncmd $dsttmp; else true;fi &&
+	if [ x"$chgrpcmd" != x ]; then $doit $chgrpcmd $dsttmp; else true;fi &&
+	if [ x"$stripcmd" != x ]; then $doit $stripcmd $dsttmp; else true;fi &&
+	if [ x"$chmodcmd" != x ]; then $doit $chmodcmd $dsttmp; else true;fi &&
+
+# Now rename the file to the real destination.
+
+	$doit $rmcmd -f $dstdir/$dstfile &&
+	$doit $mvcmd $dsttmp $dstdir/$dstfile 
+
+fi &&
+
+
+exit 0

contrib/lukemftpd/lukemftpd.h

@@ -0,0 +1,396 @@
+/* $Id: lukemftpd.h,v 1.16 2001/05/09 02:04:53 lukem Exp $ */
+
+#define	FTPD_VERSION	"lukemftpd 1.1"
+
+#include "config.h"
+
+#include <sys/types.h>
+#include <sys/param.h>
+#include <sys/ioctl.h>
+#include <sys/socket.h>
+#include <sys/stat.h>
+#include <sys/wait.h>
+#if HAVE_SYS_SYSMACROS_H
+# include <sys/sysmacros.h>
+#endif
+
+#include <netinet/in.h>
+#include <netinet/in_systm.h>
+#include <netinet/ip.h>
+
+#if HAVE_FTP_NAMES
+# include <arpa/ftp.h>
+#else
+# include "arpaftp.h"
+#endif
+#include <arpa/inet.h>
+
+#include <ctype.h>
+#include <errno.h>
+#include <fcntl.h>
+#include <fnmatch.h>
+#include <grp.h>
+#include <limits.h>
+#include <locale.h>
+#include <netdb.h>
+#include <pwd.h>
+#include <setjmp.h>
+#include <signal.h>
+#include <stdarg.h>
+#include <stddef.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <syslog.h>
+#include <termios.h>
+#include <unistd.h>
+#include <utmp.h>
+
+#if HAVE_DIRENT_H
+# include <dirent.h>
+#else
+# define dirent direct
+# if HAVE_SYS_NDIR_H
+#  include <sys/ndir.h>
+# endif
+# if HAVE_SYS_DIR_H
+#  include <sys/dir.h>
+# endif
+# if HAVE_NDIR_H
+#  include <ndir.h>
+# endif
+#endif
+
+#if TIME_WITH_SYS_TIME
+# include <sys/time.h>
+# include <time.h>
+#else
+# if HAVE_SYS_TIME_H
+#  include <sys/time.h>
+# else
+#  include <time.h>
+# endif
+#endif
+
+#if HAVE_ERR_H
+# include <err.h>
+#endif
+
+#if HAVE_WORKING_GLOB
+# include <glob.h>
+#else
+# include "ftpglob.h"
+#endif
+
+#if HAVE_PATHS_H
+# include <paths.h>
+#endif
+#ifndef	_PATH_BSHELL
+#define	_PATH_BSHELL	"/bin/sh"
+#endif
+#ifndef	_PATH_CSHELL
+#define	_PATH_CSHELL	"/bin/csh"
+#endif
+#ifndef	_PATH_SHELLS
+#define	_PATH_SHELLS	"/etc/shells"
+#endif
+#ifndef	_PATH_DEVNULL
+#define	_PATH_DEVNULL	"/dev/null"
+#endif
+#ifndef	_PATH_NOLOGIN
+#define	_PATH_NOLOGIN	"/etc/nologin"
+#endif
+
+#ifndef FTPD_LOGTYPE
+# ifdef LOG_FTP
+#  define FTPD_LOGTYPE	LOG_FTP
+# else
+#  define FTPD_LOGTYPE	LOG_DAEMON
+# endif
+#endif
+
+#ifndef LOG_AUTHPRIV
+# ifdef LOG_AUTH
+#  define LOG_AUTHPRIV	LOG_AUTH
+# else
+#  define LOG_AUTHPRIV	LOG_DAEMON
+# endif
+#endif
+
+typedef struct _stringlist {
+	char	**sl_str;
+	size_t	  sl_max;
+	size_t	  sl_cur;
+} StringList;
+
+StringList *sl_init(void);
+int	 sl_add(StringList *, char *);
+void	 sl_free(StringList *, int);
+char	*sl_find(StringList *, char *);
+
+#if HAVE_FTS_H
+# include <fts.h>
+#else
+# include "ftpfts.h"
+#endif
+
+#if HAVE_UTIL_H
+# include <util.h>
+#endif
+
+#if HAVE_LIBUTIL_H
+# include <libutil.h>
+#endif
+
+#if ! HAVE_IN_PORT_T
+typedef unsigned short in_port_t;
+#endif
+
+#if ! HAVE_SOCKLEN_T
+typedef unsigned int socklen_t;
+#endif
+
+#if HAVE_AF_INET6 && HAVE_SOCKADDR_IN6
+# define INET6
+#endif
+
+
+#if ! HAVE_RFC2553_NETDB
+
+				/* RFC 2553 */
+#undef	EAI_ADDRFAMILY
+#define	EAI_ADDRFAMILY	 1	/* address family for hostname not supported */
+#undef	EAI_AGAIN
+#define	EAI_AGAIN	 2	/* temporary failure in name resolution */
+#undef	EAI_BADFLAGS
+#define	EAI_BADFLAGS	 3	/* invalid value for ai_flags */
+#undef	EAI_FAIL
+#define	EAI_FAIL	 4	/* non-recoverable failure in name resolution */
+#undef	EAI_FAMILY
+#define	EAI_FAMILY	 5	/* ai_family not supported */
+#undef	EAI_MEMORY
+#define	EAI_MEMORY	 6	/* memory allocation failure */
+#undef	EAI_NODATA
+#define	EAI_NODATA	 7	/* no address associated with hostname */
+#undef	EAI_NONAME
+#define	EAI_NONAME	 8	/* hostname nor servname provided, or not known */
+#undef	EAI_SERVICE
+#define	EAI_SERVICE	 9	/* servname not supported for ai_socktype */
+#undef	EAI_SOCKTYPE
+#define	EAI_SOCKTYPE	10	/* ai_socktype not supported */
+#undef	EAI_SYSTEM
+#define	EAI_SYSTEM	11	/* system error returned in errno */
+
+				/* KAME extensions? */
+#undef	EAI_BADHINTS
+#define	EAI_BADHINTS	12
+#undef	EAI_PROTOCOL
+#define	EAI_PROTOCOL	13
+#undef	EAI_MAX
+#define	EAI_MAX		14
+
+				/* RFC 2553 */
+#undef	NI_MAXHOST
+#define	NI_MAXHOST	1025
+#undef	NI_MAXSERV
+#define	NI_MAXSERV	32
+
+#undef	NI_NOFQDN
+#define	NI_NOFQDN	0x00000001
+#undef	NI_NUMERICHOST
+#define	NI_NUMERICHOST	0x00000002
+#undef	NI_NAMEREQD
+#define	NI_NAMEREQD	0x00000004
+#undef	NI_NUMERICSERV
+#define	NI_NUMERICSERV	0x00000008
+#undef	NI_DGRAM
+#define	NI_DGRAM	0x00000010
+
+				/* RFC 2553 */
+#undef	AI_PASSIVE
+#define	AI_PASSIVE	0x00000001 /* get address to use bind() */
+#undef	AI_CANONNAME
+#define	AI_CANONNAME	0x00000002 /* fill ai_canonname */
+
+				/* KAME extensions ? */
+#undef	AI_NUMERICHOST
+#define	AI_NUMERICHOST	0x00000004 /* prevent name resolution */
+#undef	AI_MASK
+#define	AI_MASK		(AI_PASSIVE | AI_CANONNAME | AI_NUMERICHOST)
+
+				/* RFC 2553 */
+#undef	AI_ALL
+#define	AI_ALL		0x00000100 /* IPv6 and IPv4-mapped (with AI_V4MAPPED) */
+#undef	AI_V4MAPPED_CFG
+#define	AI_V4MAPPED_CFG	0x00000200 /* accept IPv4-mapped if kernel supports */
+#undef	AI_ADDRCONFIG
+#define	AI_ADDRCONFIG	0x00000400 /* only if any address is assigned */
+#undef	AI_V4MAPPED
+#define	AI_V4MAPPED	0x00000800 /* accept IPv4-mapped IPv6 address */
+
+#endif /* ! HAVE_RFC2553_NETDB */
+
+
+#if ! HAVE_RFC2553_NETDB && ! HAVE_ADDRINFO
+
+struct addrinfo {
+	int	ai_flags;	/* AI_PASSIVE, AI_CANONNAME, AI_NUMERICHOST */
+	int	ai_family;	/* PF_xxx */
+	int	ai_socktype;	/* SOCK_xxx */
+	int	ai_protocol;	/* 0 or IPPROTO_xxx for IPv4 and IPv6 */
+	size_t	ai_addrlen;	/* length of ai_addr */
+	char	*ai_canonname;	/* canonical name for hostname */
+	struct sockaddr *ai_addr;	/* binary address */
+	struct addrinfo *ai_next;	/* next structure in linked list */
+};
+
+int	getaddrinfo(const char *, const char *,
+	    const struct addrinfo *, struct addrinfo **);
+int	getnameinfo(const struct sockaddr *, socklen_t, char *,
+	    size_t, char *, size_t, int);
+void	freeaddrinfo(struct addrinfo *);
+char	*gai_strerror(int);
+
+#endif /* ! HAVE_RFC2553_NETDB && ! HAVE_ADDRINFO */
+
+
+#if ! HAVE_D_NAMLEN
+# define DIRENT_MISSING_D_NAMLEN
+#endif
+
+#if ! HAVE_CRYPT_D
+char	*crypt(const char *, const char *);
+#endif
+
+#if ! HAVE_FCLOSE_D
+int	fclose(FILE *);
+#endif
+
+#if ! HAVE_OPTARG_D
+extern char	*optarg;
+#endif
+
+#if ! HAVE_OPTIND_D
+extern int	optind;
+#endif
+
+#if ! HAVE_PCLOSE_D
+int	pclose(FILE *);
+#endif
+
+#if ! HAVE_ERR
+void	err(int, const char *, ...);
+void	errx(int, const char *, ...);
+void	warn(const char *, ...);
+void	warnx(const char *, ...);
+#endif
+
+#if ! HAVE_FGETLN
+char	*fgetln(FILE *, size_t *);
+#endif
+
+#if ! HAVE_FPARSELN
+# define FPARSELN_UNESCESC	0x01
+# define FPARSELN_UNESCCONT	0x02
+# define FPARSELN_UNESCCOMM	0x04
+# define FPARSELN_UNESCREST	0x08
+# define FPARSELN_UNESCALL	0x0f
+char	*fparseln(FILE *, size_t *, size_t *, const char[3], int);
+#endif
+
+#if ! HAVE_GETUSERSHELL || ! HAVE_GETUSERSHELL_D
+char	*getusershell(void);
+void	setusershell(void);
+void	endusershell(void);
+#endif
+
+#if ! HAVE_INET_NTOP
+const char *inet_ntop(int, const void *, char *, size_t);
+#endif
+
+#if ! HAVE_INET_PTON
+int	inet_pton(int, const char *, void *);
+#endif
+
+#if ! HAVE_MKSTEMP
+int	mkstemp(const char *);
+#endif
+
+#if ! HAVE_SNPRINTF
+int	snprintf(char *, size_t, const char *, ...);
+#endif
+
+#if ! HAVE_STRDUP
+char	*strdup(const char *);
+#endif
+
+#if ! HAVE_STRERROR
+char	*strerror(int);
+#endif
+
+#if HAVE_QUAD_SUPPORT
+# if ! HAVE_STRTOLL && HAVE_LONG_LONG
+long long strtoll(const char *, char **, int);
+#  if ! defined(QUAD_MIN)
+#   define QUAD_MIN	(-0x7fffffffffffffffL-1)
+#  endif
+#  if ! defined(QUAD_MAX)
+#   define QUAD_MAX	(0x7fffffffffffffffL)
+#  endif
+# endif
+#else	/* ! HAVE_QUAD_SUPPORT */
+# define NO_LONG_LONG	1
+#endif	/* ! HAVE_QUAD_SUPPORT */
+
+#if ! HAVE_STRLCAT
+size_t	strlcat(char *, const char *, size_t);
+#endif
+
+#if ! HAVE_STRLCPY
+size_t	strlcpy(char *, const char *, size_t);
+#endif
+
+#if ! HAVE_STRMODE
+void	strmode(mode_t, char *);
+#endif
+
+#if ! HAVE_STRSEP
+char	*strsep(char **, const char *);
+#endif
+
+#if ! HAVE_USER_FROM_UID
+const char *user_from_uid(uid_t, int);
+const char *group_from_gid(gid_t, int);
+#endif
+
+#if ! HAVE_VSYSLOG
+void	vsyslog(int level, const char *, va_list);
+#endif
+
+
+#if ! defined(MIN)
+# define MIN(a, b)	((a) < (b) ? (a) : (b))
+#endif
+#if ! defined(MAX)
+# define MAX(a, b)	((a) < (b) ? (b) : (a))
+#endif
+
+#if ! defined(timersub)
+# define timersub(tvp, uvp, vvp)					\
+	do {								\
+		(vvp)->tv_sec = (tvp)->tv_sec - (uvp)->tv_sec;		\
+		(vvp)->tv_usec = (tvp)->tv_usec - (uvp)->tv_usec;	\
+		if ((vvp)->tv_usec < 0) {				\
+			(vvp)->tv_sec--;				\
+			(vvp)->tv_usec += 1000000;			\
+		}							\
+	} while (0)
+#endif
+
+#if ! defined(S_ISLNK)
+# define S_ISLNK(m)	((m & S_IFMT) == S_IFLNK)
+#endif
+
+#define	DAYSPERNYEAR	365
+#define SECSPERDAY	86400
+#define TM_YEAR_BASE	1900

contrib/lukemftpd/src/Makefile.in

@@ -0,0 +1,61 @@
+# $Id: Makefile.in,v 1.5 2001/03/29 05:29:07 lukem Exp $
+#
+
+srcdir	= @srcdir@
+VPATH	= @srcdir@
+SHELL	= /bin/sh
+
+prefix	= @prefix@
+exec_prefix = @exec_prefix@
+bindir	= @bindir@
+mandir	= @mandir@
+sbindir	= @sbindir@
+
+mandircat5 = ${mandir}/cat5
+mandircat8 = ${mandir}/cat8
+
+CC	= @CC@
+CFLAGS	= -I${srcdir} -I${srcdir}/.. -I. -I.. @INCLUDES@ @CFLAGS@
+LIBS	= @LIBS@
+LDFLAGS	= @LDFLAGS@
+
+INSTALL	= @INSTALL@
+
+PROG	= ftpd
+OBJS	= cmds.o conf.o ftpd.o ftpcmd.o popen.o @LSOBJS@
+# removed: logutmp.o logwtmp.o
+
+all:	${PROG}
+
+cmp.o: ${srcdir}/../ls/cmp.c
+	${CC} ${CFLAGS} -c  -o cmp.o ${srcdir}/../ls/cmp.c
+
+ls.o: ${srcdir}/../ls/ls.c
+	${CC} ${CFLAGS} -c  -o ls.o ${srcdir}/../ls/ls.c
+
+print.o: ${srcdir}/../ls/print.c
+	${CC} ${CFLAGS} -c  -o print.o ${srcdir}/../ls/print.c
+
+stat_flags.o: ${srcdir}/../ls/stat_flags.c
+	${CC} ${CFLAGS} -c  -o stat_flags.o ${srcdir}/../ls/stat_flags.c
+
+util.o: ${srcdir}/../ls/util.c
+	${CC} ${CFLAGS} -c  -o util.o ${srcdir}/../ls/util.c
+
+install: all
+	-mkdir -p ${sbindir}
+	${INSTALL} -m 555 ${PROG} ${sbindir}
+	-mkdir -p ${mandircat5}
+	${INSTALL} -m 444 ${srcdir}/ftpd.conf.cat5 ${mandircat5}/ftpd.conf.5
+	${INSTALL} -m 444 ${srcdir}/ftpusers.cat5 ${mandircat5}/ftpusers.5
+	-mkdir -p ${mandircat8}
+	${INSTALL} -m 444 ${srcdir}/${PROG}.cat8 ${mandircat8}/${PROG}.8
+
+${PROG}: ${OBJS} @LIBDEPENDS@
+	${CC} ${CFLAGS} ${LDFLAGS} -o ${PROG} ${OBJS} ${LIBS}
+
+clean:
+	rm -f core ${PROG} ${OBJS}
+
+distclean: clean
+	rm -f Makefile

contrib/lukemftpd/src/arpaftp.h

@@ -0,0 +1,111 @@
+/*	$NetBSD: ftp.h,v 1.5 1998/02/10 00:32:50 perry Exp $	*/
+
+/*
+ * Copyright (c) 1983, 1989, 1993
+ *	The Regents of the University of California.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *	This product includes software developed by the University of
+ *	California, Berkeley and its contributors.
+ * 4. Neither the name of the University nor the names of its contributors
+ *    may be used to endorse or promote products derived from this software
+ *    without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ *	@(#)ftp.h	8.1 (Berkeley) 6/2/93
+ */
+
+#ifndef _ARPA_FTP_H_
+#define	_ARPA_FTP_H_
+
+/* Definitions for FTP; see RFC-765. */
+
+/*
+ * Reply codes.
+ */
+#define PRELIM		1	/* positive preliminary */
+#define COMPLETE	2	/* positive completion */
+#define CONTINUE	3	/* positive intermediate */
+#define TRANSIENT	4	/* transient negative completion */
+#define ERROR		5	/* permanent negative completion */
+
+/*
+ * Type codes
+ */
+#define	TYPE_A		1	/* ASCII */
+#define	TYPE_E		2	/* EBCDIC */
+#define	TYPE_I		3	/* image */
+#define	TYPE_L		4	/* local byte size */
+
+#ifdef FTP_NAMES
+char *typenames[] =  {"0", "ASCII", "EBCDIC", "Image", "Local" };
+#endif
+
+/*
+ * Form codes
+ */
+#define	FORM_N		1	/* non-print */
+#define	FORM_T		2	/* telnet format effectors */
+#define	FORM_C		3	/* carriage control (ASA) */
+#ifdef FTP_NAMES
+char *formnames[] =  {"0", "Nonprint", "Telnet", "Carriage-control" };
+#endif
+
+/*
+ * Structure codes
+ */
+#define	STRU_F		1	/* file (no record structure) */
+#define	STRU_R		2	/* record structure */
+#define	STRU_P		3	/* page structure */
+#ifdef FTP_NAMES
+char *strunames[] =  {"0", "File", "Record", "Page" };
+#endif
+
+/*
+ * Mode types
+ */
+#define	MODE_S		1	/* stream */
+#define	MODE_B		2	/* block */
+#define	MODE_C		3	/* compressed */
+#ifdef FTP_NAMES
+char *modenames[] =  {"0", "Stream", "Block", "Compressed" };
+#endif
+
+/*
+ * Record Tokens
+ */
+#define	REC_ESC		'\377'	/* Record-mode Escape */
+#define	REC_EOR		'\001'	/* Record-mode End-of-Record */
+#define REC_EOF		'\002'	/* Record-mode End-of-File */
+
+/*
+ * Block Header
+ */
+#define	BLK_EOR		0x80	/* Block is End-of-Record */
+#define	BLK_EOF		0x40	/* Block is End-of-File */
+#define BLK_ERRORS	0x20	/* Block is suspected of containing errors */
+#define	BLK_RESTART	0x10	/* Block is Restart Marker */
+
+#define	BLK_BYTECOUNT	2	/* Bytes in this block */
+
+#endif /* _ARPA_FTP_H_ */

contrib/lukemftpd/src/cmds.c

@@ -0,0 +1,791 @@
+/*	$NetBSD: cmds.c,v 1.13 2001/04/25 01:46:25 lukem Exp $	*/
+
+/*
+ * Copyright (c) 1999-2001 The NetBSD Foundation, Inc.
+ * All rights reserved.
+ *
+ * This code is derived from software contributed to The NetBSD Foundation
+ * by Luke Mewburn.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *        This product includes software developed by the NetBSD
+ *        Foundation, Inc. and its contributors.
+ * 4. Neither the name of The NetBSD Foundation nor the names of its
+ *    contributors may be used to endorse or promote products derived
+ *    from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+ * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
+ * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/*
+ * Copyright (c) 1985, 1988, 1990, 1992, 1993, 1994
+ *	The Regents of the University of California.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *	This product includes software developed by the University of
+ *	California, Berkeley and its contributors.
+ * 4. Neither the name of the University nor the names of its contributors
+ *    may be used to endorse or promote products derived from this software
+ *    without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+/*
+ * Copyright (C) 1997 and 1998 WIDE Project.
+ * All rights reserved.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. Neither the name of the project nor the names of its contributors
+ *    may be used to endorse or promote products derived from this software
+ *    without specific prior written permission.
+ * 
+ * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "lukemftpd.h"
+
+#include "extern.h"
+
+typedef struct {
+	const char	*path;		/* full pathname */
+	const char	*display;	/* name to display */
+	struct stat	*stat;		/* stat of path */
+	struct stat	*pdirstat;	/* stat of path's parent dir */
+	int		 iscurdir;	/* nonzero if name is the current dir */
+} factelem;
+
+static void	ack(const char *);
+static void	base64_encode(const char *, size_t, char *, int);
+static void	fact_type(const char *, FILE *, factelem *);
+static void	fact_size(const char *, FILE *, factelem *);
+static void	fact_modify(const char *, FILE *, factelem *);
+static void	fact_perm(const char *, FILE *, factelem *);
+static void	fact_unique(const char *, FILE *, factelem *);
+static int	matchgroup(gid_t);
+static void	mlsname(FILE *, factelem *);
+static void	replydirname(const char *, const char *);
+
+struct ftpfact {
+	const char	 *name;		/* name of fact */
+	int		  enabled;	/* if fact is enabled */
+	void		(*display)(const char *, FILE *, factelem *);
+					/* function to display fact */
+};
+
+struct ftpfact facttab[] = {
+	{ "Type",	1, fact_type },
+#define	FACT_TYPE 0
+	{ "Size",	1, fact_size },
+	{ "Modify",	1, fact_modify },
+	{ "Perm",	1, fact_perm },
+	{ "Unique",	1, fact_unique },
+	/* "Create" */
+	/* "Lang" */
+	/* "Media-Type" */
+	/* "CharSet" */
+};
+
+#define FACTTABSIZE	(sizeof(facttab) / sizeof(struct ftpfact))
+
+
+void
+cwd(const char *path)
+{
+
+	if (chdir(path) < 0)
+		perror_reply(550, path);
+	else {
+		show_chdir_messages(250);
+		ack("CWD");
+	}
+}
+
+void
+delete(const char *name)
+{
+	char *p = NULL;
+
+	if (remove(name) < 0) {
+		p = strerror(errno);
+		perror_reply(550, name);
+	} else
+		ack("DELE");
+	logxfer("delete", -1, name, NULL, NULL, p);
+}
+
+void
+feat(void)
+{
+	int i;
+
+	reply(-211, "Features supported");
+	cprintf(stdout, " MDTM\r\n");
+	cprintf(stdout, " MLST ");
+	for (i = 0; i < FACTTABSIZE; i++)
+		cprintf(stdout, "%s%s;", facttab[i].name,
+		    facttab[i].enabled ? "*" : "");
+	cprintf(stdout, "\r\n");
+	cprintf(stdout, " REST STREAM\r\n");
+	cprintf(stdout, " SIZE\r\n");
+	cprintf(stdout, " TVFS\r\n");
+	reply(211,  "End");
+}
+
+void
+makedir(const char *name)
+{
+	char *p = NULL;
+
+	if (mkdir(name, 0777) < 0) {
+		p = strerror(errno);
+		perror_reply(550, name);
+	} else
+		replydirname(name, "directory created.");
+	logxfer("mkdir", -1, name, NULL, NULL, p);
+}
+
+void
+mlsd(const char *path)
+{
+	struct dirent	*dp;
+	struct stat	 sb, pdirstat;
+	factelem f;
+	FILE	*dout;
+	DIR	*dirp;
+	char	name[MAXPATHLEN];
+	int	hastypefact;
+
+	hastypefact = facttab[FACT_TYPE].enabled;
+	if (path == NULL)
+		path = ".";
+	if (stat(path, &pdirstat) == -1) {
+ mlsdperror:
+		perror_reply(550, path);
+		return;
+	}
+	if (! S_ISDIR(pdirstat.st_mode)) {
+		errno = ENOTDIR;
+		perror_reply(501, path);
+		return;
+	}
+	dout = dataconn("MLSD", (off_t)-1, "w");
+	if (dout == NULL)
+		return;
+
+	if ((dirp = opendir(path)) == NULL)
+		goto mlsdperror;
+	f.stat = &sb;
+	while ((dp = readdir(dirp)) != NULL) {
+		snprintf(name, sizeof(name), "%s/%s", path, dp->d_name);
+		if (ISDOTDIR(dp->d_name)) {	/* special case curdir: */
+			if (! hastypefact)
+				continue;
+			f.pdirstat = NULL;	/*   require stat of parent */
+			f.display = path;	/*   set name to real name */
+			f.iscurdir = 1;		/*   flag name is curdir */
+		} else {
+			if (ISDOTDOTDIR(dp->d_name)) {
+				if (! hastypefact)
+					continue;
+				f.pdirstat = NULL;
+			} else
+				f.pdirstat = &pdirstat;	/* cache parent stat */
+			f.display = dp->d_name;
+			f.iscurdir = 0;
+		}
+		if (stat(name, &sb) == -1)
+			continue;
+		f.path = name;
+		mlsname(dout, &f);
+	}
+	(void)closedir(dirp);
+
+	if (ferror(dout) != 0)
+		perror_reply(550, "Data connection");
+	else
+		reply(226, "MLSD complete.");
+	closedataconn(dout);
+	total_xfers_out++;
+	total_xfers++;
+}
+
+void
+mlst(const char *path)
+{
+	struct stat sb;
+	factelem f;
+
+	if (path == NULL)
+		path = ".";
+	if (stat(path, &sb) == -1) {
+		perror_reply(550, path);
+		return;
+	}
+	reply(-250, "MLST %s", path);
+	f.path = path;
+	f.display = path;
+	f.stat = &sb;
+	f.pdirstat = NULL;
+	f.iscurdir = 0;
+	CPUTC(' ', stdout);
+	mlsname(stdout, &f);
+	reply(250, "End");
+}
+
+
+void
+opts(const char *command)
+{
+	struct tab *c;
+	char *ep;
+
+	if ((ep = strchr(command, ' ')) != NULL)
+		*ep++ = '\0';
+	c = lookup(cmdtab, command);
+	if (c == NULL) {
+		reply(502, "Unknown command %s.", command);
+		return;
+	}
+	if (! CMD_IMPLEMENTED(c)) {
+		reply(501, "%s command not implemented.", c->name);
+		return;
+	}
+	if (! CMD_HAS_OPTIONS(c)) {
+		reply(501, "%s command does not support persistent options.",
+		    c->name);
+		return;
+	}
+
+			/* special case: MLST */
+	if (strcasecmp(command, "MLST") == 0) {
+		int	 enabled[FACTTABSIZE];
+		int	 i, onedone;
+		size_t	 len;
+		char	*p;
+
+		for (i = 0; i < sizeof(enabled) / sizeof(int); i++)
+			enabled[i] = 0;
+		if (ep == NULL || *ep == '\0')
+			goto displaymlstopts;
+
+				/* don't like spaces, and need trailing ; */
+		len = strlen(ep);
+		if (strchr(ep, ' ') != NULL || ep[len - 1] != ';') {
+ badmlstopt:
+			reply(501, "Invalid MLST options");
+			return;
+		}
+		ep[len - 1] = '\0';
+		while ((p = strsep(&ep, ";")) != NULL) {
+			if (*p == '\0')
+				goto badmlstopt;
+			for (i = 0; i < FACTTABSIZE; i++)
+				if (strcasecmp(p, facttab[i].name) == 0) {
+					enabled[i] = 1;
+					break;
+				}
+		}
+
+ displaymlstopts:
+		for (i = 0; i < FACTTABSIZE; i++)
+			facttab[i].enabled = enabled[i];
+		cprintf(stdout, "200 MLST OPTS");
+		for (i = onedone = 0; i < FACTTABSIZE; i++) {
+			if (facttab[i].enabled) {
+				cprintf(stdout, "%s%s;", onedone ? "" : " ",
+				    facttab[i].name);
+				onedone++;
+			}
+		}
+		cprintf(stdout, "\r\n");
+		fflush(stdout);
+		return;
+	}
+
+			/* default cases */
+	if (ep != NULL && *ep != '\0')
+		REASSIGN(c->options, xstrdup(ep));
+	if (c->options != NULL)
+		reply(200, "Options for %s are '%s'.", c->name,
+		    c->options);
+	else
+		reply(200, "No options defined for %s.", c->name);
+}
+
+void
+pwd(void)
+{
+	char path[MAXPATHLEN];
+
+	if (getcwd(path, sizeof(path) - 1) == NULL)
+		reply(550, "Can't get the current directory: %s.",
+		    strerror(errno));
+	else
+		replydirname(path, "is the current directory.");
+}
+
+void
+removedir(const char *name)
+{
+	char *p = NULL;
+
+	if (rmdir(name) < 0) {
+		p = strerror(errno);
+		perror_reply(550, name);
+	} else
+		ack("RMD");
+	logxfer("rmdir", -1, name, NULL, NULL, p);
+}
+
+char *
+renamefrom(const char *name)
+{
+	struct stat st;
+
+	if (stat(name, &st) < 0) {
+		perror_reply(550, name);
+		return (NULL);
+	}
+	reply(350, "File exists, ready for destination name");
+	return (xstrdup(name));
+}
+
+void
+renamecmd(const char *from, const char *to)
+{
+	char *p = NULL;
+
+	if (rename(from, to) < 0) {
+		p = strerror(errno);
+		perror_reply(550, "rename");
+	} else
+		ack("RNTO");
+	logxfer("rename", -1, from, to, NULL, p);
+}
+
+void
+sizecmd(const char *filename)
+{
+	switch (type) {
+	case TYPE_L:
+	case TYPE_I:
+	    {
+		struct stat stbuf;
+		if (stat(filename, &stbuf) < 0 || !S_ISREG(stbuf.st_mode))
+			reply(550, "%s: not a plain file.", filename);
+		else
+			reply(213, ULLF, (ULLT)stbuf.st_size);
+		break;
+	    }
+	case TYPE_A:
+	    {
+		FILE *fin;
+		int c;
+		off_t count;
+		struct stat stbuf;
+		fin = fopen(filename, "r");
+		if (fin == NULL) {
+			perror_reply(550, filename);
+			return;
+		}
+		if (fstat(fileno(fin), &stbuf) < 0 || !S_ISREG(stbuf.st_mode)) {
+			reply(550, "%s: not a plain file.", filename);
+			(void) fclose(fin);
+			return;
+		}
+
+		count = 0;
+		while((c=getc(fin)) != EOF) {
+			if (c == '\n')	/* will get expanded to \r\n */
+				count++;
+			count++;
+		}
+		(void) fclose(fin);
+
+		reply(213, LLF, (LLT)count);
+		break;
+	    }
+	default:
+		reply(504, "SIZE not implemented for Type %c.", "?AEIL"[type]);
+	}
+}
+
+void
+statfilecmd(const char *filename)
+{
+	FILE *fin;
+	int c;
+	char *argv[] = { INTERNAL_LS, "-lgA", "", NULL };
+
+	argv[2] = (char *)filename;
+	fin = ftpd_popen(argv, "r", STDOUT_FILENO);
+	reply(-211, "status of %s:", filename);
+/* XXX: use fgetln() or fparseln() here? */
+	while ((c = getc(fin)) != EOF) {
+		if (c == '\n') {
+			if (ferror(stdout)){
+				perror_reply(421, "control connection");
+				(void) ftpd_pclose(fin);
+				dologout(1);
+				/* NOTREACHED */
+			}
+			if (ferror(fin)) {
+				perror_reply(551, filename);
+				(void) ftpd_pclose(fin);
+				return;
+			}
+			CPUTC('\r', stdout);
+		}
+		CPUTC(c, stdout);
+	}
+	(void) ftpd_pclose(fin);
+	reply(211, "End of Status");
+}
+
+/* -- */
+
+static void
+ack(const char *s)
+{
+
+	reply(250, "%s command successful.", s);
+}
+
+/*
+ * Encode len bytes starting at clear using base64 encoding into encoded,
+ * which should be at least ((len + 2) * 4 / 3 + 1) in size.
+ * If nulterm is non-zero, terminate with \0 otherwise pad to 3 byte boundary
+ * with `='.
+ */
+static void
+base64_encode(const char *clear, size_t len, char *encoded, int nulterm)
+{
+	static const char base64[] =
+	    "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
+	const char *c;
+	char	*e, termchar;
+	int	 i;
+
+			/* determine whether to pad with '=' or NUL terminate */
+	termchar = nulterm ? '\0' : '=';
+	c = clear;
+	e = encoded;
+			/* convert all but last 2 bytes */
+	for (i = len; i > 2; i -= 3, c += 3) {
+		*e++ = base64[(c[0] >> 2) & 0x3f];
+		*e++ = base64[((c[0] << 4) & 0x30) | ((c[1] >> 4) & 0x0f)];
+		*e++ = base64[((c[1] << 2) & 0x3c) | ((c[2] >> 6) & 0x03)];
+		*e++ = base64[(c[2]) & 0x3f];
+	}
+			/* handle slop at end */
+	if (i > 0) {
+		*e++ = base64[(c[0] >> 2) & 0x3f];
+		*e++ = base64[((c[0] << 4) & 0x30) |
+		     (i > 1 ? ((c[1] >> 4) & 0x0f) : 0)];
+		*e++ = (i > 1) ? base64[(c[1] << 2) & 0x3c] : termchar;
+		*e++ = termchar;
+	}
+	*e = '\0';
+}
+
+static void
+fact_modify(const char *fact, FILE *fd, factelem *fe)
+{
+	struct tm *t;
+
+	t = gmtime(&(fe->stat->st_mtime));
+	cprintf(fd, "%s=%04d%02d%02d%02d%02d%02d;", fact,
+	    TM_YEAR_BASE + t->tm_year,
+	    t->tm_mon+1, t->tm_mday,
+	    t->tm_hour, t->tm_min, t->tm_sec);
+}
+
+static void
+fact_perm(const char *fact, FILE *fd, factelem *fe)
+{
+	int		rok, wok, xok, pdirwok;
+	struct stat	*pdir;
+
+	if (fe->stat->st_uid == geteuid()) {
+		rok = ((fe->stat->st_mode & S_IRUSR) != 0);
+		wok = ((fe->stat->st_mode & S_IWUSR) != 0);
+		xok = ((fe->stat->st_mode & S_IXUSR) != 0);
+	} else if (matchgroup(fe->stat->st_gid)) {
+		rok = ((fe->stat->st_mode & S_IRGRP) != 0);
+		wok = ((fe->stat->st_mode & S_IWGRP) != 0);
+		xok = ((fe->stat->st_mode & S_IXGRP) != 0);
+	} else {
+		rok = ((fe->stat->st_mode & S_IROTH) != 0);
+		wok = ((fe->stat->st_mode & S_IWOTH) != 0);
+		xok = ((fe->stat->st_mode & S_IXOTH) != 0);
+	}
+
+	cprintf(fd, "%s=", fact);
+
+			/*
+			 * if parent info not provided, look it up, but
+			 * only if the current class has modify rights,
+			 * since we only need this info in such a case.
+			 */
+	pdir = fe->pdirstat;
+	if (pdir == NULL && CURCLASS_FLAGS_ISSET(modify)) {
+		size_t		len;
+		char		realdir[MAXPATHLEN], *p;
+		struct stat	dir;
+
+		len = strlcpy(realdir, fe->path, sizeof(realdir));
+		if (len < sizeof(realdir) - 4) {
+			if (S_ISDIR(fe->stat->st_mode))
+				strlcat(realdir, "/..", sizeof(realdir));
+			else {
+					/* if has a /, move back to it */
+					/* otherwise use '..' */
+				if ((p = strrchr(realdir, '/')) != NULL) {
+					if (p == realdir)
+						p++;
+					*p = '\0';
+				} else
+					strlcpy(realdir, "..", sizeof(realdir));
+			}
+			if (stat(realdir, &dir) == 0)
+				pdir = &dir;
+		}
+	}
+	pdirwok = 0;
+	if (pdir != NULL) {
+		if (pdir->st_uid == geteuid())
+			pdirwok = ((pdir->st_mode & S_IWUSR) != 0);
+		else if (matchgroup(pdir->st_gid))
+			pdirwok = ((pdir->st_mode & S_IWGRP) != 0);
+		else
+			pdirwok = ((pdir->st_mode & S_IWOTH) != 0);
+	}
+
+			/* 'a': can APPE to file */
+	if (wok && CURCLASS_FLAGS_ISSET(upload) && S_ISREG(fe->stat->st_mode))
+		CPUTC('a', fd);
+
+			/* 'c': can create or append to files in directory */
+	if (wok && CURCLASS_FLAGS_ISSET(modify) && S_ISDIR(fe->stat->st_mode))
+		CPUTC('c', fd);
+
+			/* 'd': can delete file or directory */
+	if (pdirwok && CURCLASS_FLAGS_ISSET(modify)) {
+		int candel;
+
+		candel = 1;
+		if (S_ISDIR(fe->stat->st_mode)) {
+			DIR *dirp;
+			struct dirent *dp;
+
+			if ((dirp = opendir(fe->display)) == NULL)
+				candel = 0;
+			else {
+				while ((dp = readdir(dirp)) != NULL) {
+					if (ISDOTDIR(dp->d_name) ||
+					    ISDOTDOTDIR(dp->d_name))
+						continue;
+					candel = 0;
+					break;
+				}
+				closedir(dirp);
+			}
+		}
+		if (candel)
+			CPUTC('d', fd);
+	}
+
+			/* 'e': can enter directory */
+	if (xok && S_ISDIR(fe->stat->st_mode))
+		CPUTC('e', fd);
+
+			/* 'f': can rename file or directory */
+	if (pdirwok && CURCLASS_FLAGS_ISSET(modify))
+		CPUTC('f', fd);
+
+			/* 'l': can list directory */
+	if (rok && xok && S_ISDIR(fe->stat->st_mode))
+		CPUTC('l', fd);
+
+			/* 'm': can create directory */
+	if (wok && CURCLASS_FLAGS_ISSET(modify) && S_ISDIR(fe->stat->st_mode))
+		CPUTC('m', fd);
+
+			/* 'p': can remove files in directory */
+	if (wok && CURCLASS_FLAGS_ISSET(modify) && S_ISDIR(fe->stat->st_mode))
+		CPUTC('p', fd);
+
+			/* 'r': can RETR file */
+	if (rok && S_ISREG(fe->stat->st_mode))
+		CPUTC('r', fd);
+
+			/* 'w': can STOR file */
+	if (wok && CURCLASS_FLAGS_ISSET(upload) && S_ISREG(fe->stat->st_mode))
+		CPUTC('w', fd);
+
+	CPUTC(';', fd);
+}
+
+static void
+fact_size(const char *fact, FILE *fd, factelem *fe)
+{
+
+	if (S_ISREG(fe->stat->st_mode))
+		cprintf(fd, "%s=" LLF ";", fact, (LLT)fe->stat->st_size);
+}
+
+static void
+fact_type(const char *fact, FILE *fd, factelem *fe)
+{
+
+	cprintf(fd, "%s=", fact);
+	switch (fe->stat->st_mode & S_IFMT) {
+	case S_IFDIR:
+		if (fe->iscurdir || ISDOTDIR(fe->display))
+			cprintf(fd, "cdir");
+		else if (ISDOTDOTDIR(fe->display))
+			cprintf(fd, "pdir");
+		else
+			cprintf(fd, "dir");
+		break;
+	case S_IFREG:
+		cprintf(fd, "file");
+		break;
+	case S_IFIFO:
+		cprintf(fd, "OS.unix=fifo");
+		break;
+	case S_IFLNK:		/* XXX: probably a NO-OP with stat() */
+		cprintf(fd, "OS.unix=slink");
+		break;
+	case S_IFSOCK:
+		cprintf(fd, "OS.unix=socket");
+		break;
+	case S_IFBLK:
+	case S_IFCHR:
+		cprintf(fd, "OS.unix=%s-%d/%d",
+		    S_ISBLK(fe->stat->st_mode) ? "blk" : "chr",
+		    major(fe->stat->st_rdev), minor(fe->stat->st_rdev));
+		break;
+	default:
+		cprintf(fd, "OS.unix=UNKNOWN(0%o)", fe->stat->st_mode & S_IFMT);
+		break;
+	}
+	CPUTC(';', fd);
+}
+
+static void
+fact_unique(const char *fact, FILE *fd, factelem *fe)
+{
+	char obuf[(sizeof(dev_t) + sizeof(ino_t) + 2) * 4 / 3 + 2];
+	char tbuf[sizeof(dev_t) + sizeof(ino_t)];
+
+	memcpy(tbuf,
+	    (char *)&(fe->stat->st_dev), sizeof(dev_t));
+	memcpy(tbuf + sizeof(dev_t),
+	    (char *)&(fe->stat->st_ino), sizeof(ino_t));
+	base64_encode(tbuf, sizeof(dev_t) + sizeof(ino_t), obuf, 1);
+	cprintf(fd, "%s=%s;", fact, obuf);
+}
+
+static int
+matchgroup(gid_t gid)
+{
+	int	i;
+
+	for (i = 0; i < gidcount; i++)
+		if (gid == gidlist[i])
+			return(1);
+	return (0);
+}
+
+static void
+mlsname(FILE *fp, factelem *fe)
+{
+	int i;
+
+	for (i = 0; i < FACTTABSIZE; i++) {
+		if (facttab[i].enabled)
+			(facttab[i].display)(facttab[i].name, fp, fe);
+	}
+	cprintf(fp, " %s\r\n", fe->display);
+}
+
+static void
+replydirname(const char *name, const char *message)
+{
+	char *p, *ep;
+	char npath[MAXPATHLEN * 2];
+
+	p = npath;
+	ep = &npath[sizeof(npath) - 1];
+	while (*name) {
+		if (*name == '"') {
+			if (ep - p < 2)
+				break;
+			*p++ = *name++;
+			*p++ = '"';
+		} else {
+			if (ep - p < 1)
+				break;
+			*p++ = *name++;
+		}
+	}
+	*p = '\0';
+	reply(257, "\"%s\" %s", npath, message);
+}

contrib/lukemftpd/src/extern.h

@@ -0,0 +1,372 @@
+/*	$NetBSD: extern.h,v 1.41 2001/04/25 01:46:25 lukem Exp $	*/
+
+/*-
+ * Copyright (c) 1992, 1993
+ *	The Regents of the University of California.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *	This product includes software developed by the University of
+ *	California, Berkeley and its contributors.
+ * 4. Neither the name of the University nor the names of its contributors
+ *    may be used to endorse or promote products derived from this software
+ *    without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ *	@(#)extern.h	8.2 (Berkeley) 4/4/94
+ */
+
+/*-
+ * Copyright (c) 1997-2001 The NetBSD Foundation, Inc.
+ * All rights reserved.
+ *
+ * This code is derived from software contributed to The NetBSD Foundation
+ * by Luke Mewburn.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *        This product includes software developed by the NetBSD
+ *        Foundation, Inc. and its contributors.
+ * 4. Neither the name of The NetBSD Foundation nor the names of its
+ *    contributors may be used to endorse or promote products derived
+ *    from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+ * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
+ * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/*
+ * Copyright (C) 1997 and 1998 WIDE Project.
+ * All rights reserved.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. Neither the name of the project nor the names of its contributors
+ *    may be used to endorse or promote products derived from this software
+ *    without specific prior written permission.
+ * 
+ * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#ifdef NO_LONG_LONG
+# define LLF		"%ld"
+# define LLFP(x)	"%" x "ld"
+# define LLT		long
+# define ULLF		"%lu"
+# define ULLFP(x)	"%" x "lu"
+# define ULLT		unsigned long
+# define STRTOLL(x,y,z)	strtol(x,y,z)
+#else
+#if HAVE_PRINTF_QD
+# define LLF		"%qd"
+# define LLFP(x)	"%" x "qd"
+# define LLT		long long
+# define ULLF		"%qu"
+# define ULLFP(x)	"%" x "qu"
+# define ULLT		unsigned long long
+# define STRTOLL(x,y,z)	strtoll(x,y,z)
+#else
+# define LLF		"%lld"
+# define LLFP(x)	"%" x "lld"
+# define LLT		long long
+# define ULLF		"%llu"
+# define ULLFP(x)	"%" x "llu"
+# define ULLT		unsigned long long
+# define STRTOLL(x,y,z)	strtoll(x,y,z)
+#endif
+#endif
+
+#define FTP_BUFLEN	512
+
+void	abor(void);
+void	blkfree(char **);
+void	closedataconn(FILE *);
+char   *conffilename(const char *);
+char  **copyblk(char **);
+void	count_users(void);
+void	cprintf(FILE *, const char *, ...)
+	    ;
+void	cwd(const char *);
+FILE   *dataconn(const char *, off_t, const char *);
+void	delete(const char *);
+int	display_file(const char *, int);
+char  **do_conversion(const char *);
+void	dologout(int);
+void	fatal(const char *);
+void	feat(void);
+void	format_path(char *, const char *);
+int	ftpd_pclose(FILE *);
+FILE   *ftpd_popen(char *[], const char *, int);
+char   *getline(char *, int, FILE *);
+void	init_curclass(void);
+void	logxfer(const char *, off_t, const char *, const char *,
+	    const struct timeval *, const char *);
+#if 0
+void	logwtmp(const char *, const char *, const char *);
+#endif
+struct tab *lookup(struct tab *, const char *);
+void	makedir(const char *);
+void	mlsd(const char *);
+void	mlst(const char *);
+void	opts(const char *);
+void	parse_conf(const char *);
+void	pass(const char *);
+void	passive(void);
+int	lpsvproto2af(int);
+int	af2lpsvproto(int);
+int	epsvproto2af(int);
+int	af2epsvproto(int);
+void	long_passive(char *, int);
+int	extended_port(const char *);
+void	epsv_protounsupp(const char *);
+void	perror_reply(int, const char *);
+void	pwd(void);
+void	removedir(const char *);
+void	renamecmd(const char *, const char *);
+char   *renamefrom(const char *);
+void	reply(int, const char *, ...)
+	    ;
+void	retrieve(char *[], const char *);
+void	send_file_list(const char *);
+void	show_chdir_messages(int);
+void	sizecmd(const char *);
+void	statcmd(void);
+void	statfilecmd(const char *);
+void	statxfer(void);
+void	store(const char *, const char *, int);
+LLT	strsuftoll(const char *);
+void	user(const char *);
+char   *xstrdup(const char *);
+void	yyerror(char *);
+
+#include <netinet/in.h>
+
+#ifdef BSD4_4
+# define HAVE_SETPROCTITLE	1
+# define HAVE_SOCKADDR_SA_LEN	1
+#endif
+
+struct sockinet {
+	union sockunion {
+		struct sockaddr_in  su_sin;
+#ifdef INET6
+		struct sockaddr_in6 su_sin6;
+#endif
+	} si_su;
+#if !HAVE_SOCKADDR_SA_LEN
+	int	si_len;
+#endif
+};
+
+#if !HAVE_SOCKADDR_SA_LEN
+# define su_len		si_len
+#else
+# define su_len		si_su.su_sin.sin_len
+#endif
+#define su_addr		si_su.su_sin.sin_addr
+#define su_family	si_su.su_sin.sin_family
+#define su_port		si_su.su_sin.sin_port
+#ifdef INET6
+# define su_6addr	si_su.su_sin6.sin6_addr
+# define su_scope_id	si_su.su_sin6.sin6_scope_id
+#endif
+
+struct tab {
+	char	*name;
+	short	 token;
+	short	 state;
+	short	 flags;	/* 1 if command implemented, 2 if has options,
+	                   4 if can occur OOB */
+	char	*help;
+	char	*options;
+};
+
+struct ftpconv {
+	struct ftpconv	*next;
+	char		*suffix;	/* Suffix of requested name */
+	char		*types;		/* Valid file types */
+	char		*disable;	/* File to disable conversions */
+	char		*command;	/* Command to do the conversion */
+};
+
+typedef enum {
+	CLASS_GUEST,
+	CLASS_CHROOT,
+	CLASS_REAL
+} class_ft;
+
+typedef enum {
+	FLAG_checkportcmd =	1<<0,	/* Check port commands */
+	FLAG_modify =		1<<1,	/* Allow CHMOD, DELE, MKD, RMD, RNFR,
+					   UMASK */
+	FLAG_passive =		1<<2,	/* Allow PASV mode */
+	FLAG_sanenames =	1<<3,	/* Restrict names of uploaded files */ 
+	FLAG_upload =		1<<4	/* As per modify, but also allow
+					   APPE, STOR, STOU */
+} classflag_t;
+
+#define CURCLASS_FLAGS_SET(x)	(curclass.flags |=  (FLAG_ ## x))
+#define CURCLASS_FLAGS_CLR(x)	(curclass.flags &= ~(FLAG_ ## x))
+#define CURCLASS_FLAGS_ISSET(x)	(curclass.flags &   (FLAG_ ## x))
+
+struct ftpclass {
+	struct sockinet	 advertise;	/* PASV address to advertise as */
+	char		*chroot;	/* Directory to chroot(2) to at login */
+	char		*classname;	/* Current class */
+	struct ftpconv	*conversions;	/* List of conversions */
+	char		*display;	/* File to display upon chdir */
+	char		*homedir;	/* Directory to chdir(2) to at login */
+	classflag_t	 flags;		/* Flags; see classflag_t above */
+	int	 	 limit;		/* Max connections (-1 = unlimited) */
+	char		*limitfile;	/* File to display if limit reached */
+	LLT		 maxfilesize;	/* Maximum file size of uploads */
+	LLT		 maxrateget;	/* Maximum get transfer rate throttle */
+	LLT		 maxrateput;	/* Maximum put transfer rate throttle */
+	unsigned int	 maxtimeout;	/* Maximum permitted timeout */
+	char		*motd;		/* MotD file to display after login */
+	char		*notify;	/* Files to notify about upon chdir */
+	int		 portmin;	/* Minumum port for passive mode */
+	int		 portmax;	/* Maximum port for passive mode */
+	LLT		 rateget;	/* Get (RETR) transfer rate throttle */
+	LLT		 rateput;	/* Put (STOR) transfer rate throttle */
+	unsigned int	 timeout;	/* Default timeout */
+	class_ft	 type;		/* Class type */
+	mode_t		 umask;		/* Umask to use */
+};
+
+extern void		ftp_loop(void) __attribute__ ((noreturn));
+extern void		ftp_handle_line(char *);
+
+#ifndef	GLOBAL
+#define	GLOBAL	extern
+#endif
+
+
+GLOBAL	struct sockinet ctrl_addr;
+GLOBAL	struct sockinet	data_dest;
+GLOBAL	struct sockinet	data_source;
+GLOBAL	struct sockinet	his_addr;
+GLOBAL	struct sockinet	pasv_addr;
+GLOBAL	int		connections;
+GLOBAL	struct ftpclass	curclass;
+GLOBAL	int		debug;
+GLOBAL	jmp_buf		errcatch;
+GLOBAL	char		*emailaddr;
+GLOBAL	int		form;
+GLOBAL	int		gidcount;	/* number of entries in gidlist[] */
+GLOBAL	gid_t		gidlist[NGROUPS_MAX];
+GLOBAL	int		hasyyerrored;
+GLOBAL	char		hostname[MAXHOSTNAMELEN+1];
+GLOBAL	char		homedir[MAXPATHLEN];
+#ifdef KERBEROS5
+GLOBAL	krb5_context	kcontext;
+#endif
+GLOBAL	int		logged_in;
+GLOBAL	int		logging;
+GLOBAL	int		pdata;			/* for passive mode */
+#if HAVE_SETPROCTITLE
+GLOBAL	char		proctitle[BUFSIZ];	/* initial part of title */
+#endif
+GLOBAL	struct passwd  *pw;
+GLOBAL	int		quietmessages;
+GLOBAL	char		remotehost[MAXHOSTNAMELEN+1];
+GLOBAL	off_t		restart_point;
+GLOBAL	char		tmpline[FTP_BUFLEN];
+GLOBAL	sig_atomic_t	transflag;
+GLOBAL	int		type;
+GLOBAL	int		usedefault;		/* for data transfers */
+GLOBAL	const char     *version;
+GLOBAL	int		is_oob;
+
+						/* total file data bytes */
+GLOBAL	off_t		total_data_in,  total_data_out,  total_data;
+						/* total number of data files */
+GLOBAL	off_t		total_files_in, total_files_out, total_files;
+						/* total bytes */
+GLOBAL	off_t		total_bytes_in, total_bytes_out, total_bytes;
+						/* total number of xfers */
+GLOBAL	off_t		total_xfers_in, total_xfers_out, total_xfers;
+
+extern	struct tab	cmdtab[];
+
+#define	INTERNAL_LS	"/bin/ls"
+
+
+#define CMD_IMPLEMENTED(x)	((x)->flags != 0)
+#define CMD_HAS_OPTIONS(x)	((x)->flags & 0x2)
+#define CMD_OOB(x)		((x)->flags & 0x4)
+
+#define	CPUTC(c, f)	do { \
+				putc(c, f); total_bytes++; total_bytes_out++; \
+			} while (0);
+
+#define CURCLASSTYPE	curclass.type == CLASS_GUEST  ? "GUEST"  : \
+		    	curclass.type == CLASS_CHROOT ? "CHROOT" : \
+		    	curclass.type == CLASS_REAL   ? "REAL"   : \
+			"<unknown>"
+
+#define ISDOTDIR(x)	(x[0] == '.' && x[1] == '\0')
+#define ISDOTDOTDIR(x)	(x[0] == '.' && x[1] == '.' && x[2] == '\0')
+
+#define EMPTYSTR(p)	((p) == NULL || *(p) == '\0')
+#define NEXTWORD(P, W)	do { \
+				(W) = strsep(&(P), " \t"); \
+			} while ((W) != NULL && *(W) == '\0')
+#define PLURAL(s)	((s) == 1 ? "" : "s")
+#define REASSIGN(X,Y)	do { if (X) free(X); (X)=(Y); } while (/*CONSTCOND*/0)
+
+#ifndef IPPORT_ANONMAX
+# define IPPORT_ANONMAX	65535
+#endif

contrib/lukemftpd/src/ftpd.8

@@ -0,0 +1,833 @@
+.\"	$NetBSD: ftpd.8,v 1.63 2000/12/18 02:32:51 lukem Exp $
+.\"
+.\" Copyright (c) 1997-2000 The NetBSD Foundation, Inc.
+.\" All rights reserved.
+.\"
+.\" This code is derived from software contributed to The NetBSD Foundation
+.\" by Luke Mewburn.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\"    notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\"    notice, this list of conditions and the following disclaimer in the
+.\"    documentation and/or other materials provided with the distribution.
+.\" 3. All advertising materials mentioning features or use of this software
+.\"    must display the following acknowledgement:
+.\"        This product includes software developed by the NetBSD
+.\"        Foundation, Inc. and its contributors.
+.\" 4. Neither the name of The NetBSD Foundation nor the names of its
+.\"    contributors may be used to endorse or promote products derived
+.\"    from this software without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
+.\" ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+.\" TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+.\" PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
+.\" BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+.\" CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+.\" SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+.\" INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+.\" CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+.\" POSSIBILITY OF SUCH DAMAGE.
+.\"
+.\" Copyright (c) 1985, 1988, 1991, 1993
+.\"	The Regents of the University of California.  All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\"    notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\"    notice, this list of conditions and the following disclaimer in the
+.\"    documentation and/or other materials provided with the distribution.
+.\" 3. All advertising materials mentioning features or use of this software
+.\"    must display the following acknowledgement:
+.\"	This product includes software developed by the University of
+.\"	California, Berkeley and its contributors.
+.\" 4. Neither the name of the University nor the names of its contributors
+.\"    may be used to endorse or promote products derived from this software
+.\"    without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"
+.\"     @(#)ftpd.8	8.2 (Berkeley) 4/19/94
+.\"
+.Dd December 18, 2000
+.Dt FTPD 8
+.Os
+.Sh NAME
+.Nm ftpd
+.Nd
+Internet File Transfer Protocol server
+.Sh SYNOPSIS
+.Nm
+.Op Fl dHlqQrsuUwWX
+.Op Fl a Ar anondir
+.Op Fl c Ar confdir
+.Op Fl C Ar user
+.Op Fl e Ar emailaddr
+.Op Fl h Ar hostname
+.Op Fl P Ar dataport
+.Op Fl V Ar version
+.Sh DESCRIPTION
+.Nm
+is the Internet File Transfer Protocol server process.
+The server uses the
+.Tn TCP
+protocol and listens at the port specified in the
+.Dq ftp
+service specification; see
+.Xr services 5 .
+.Pp
+Available options:
+.Bl -tag -width Ds
+.It Fl a Ar anondir
+Define
+.Ar anondir
+as the directory to
+.Xr chroot 2
+into for anonymous logins.
+Default is the home directory for the ftp user.
+This can also be specified with the
+.Xr ftpd.conf 5
+.Sy chroot
+directive.
+.It Fl c Ar confdir
+Change the root directory of the configuration files from
+.Dq Pa /etc
+to
+.Ar confdir .
+This changes the directory for the following files:
+.Pa /etc/ftpchroot ,
+.Pa /etc/ftpusers ,
+.Pa /etc/ftpwelcome ,
+.Pa /etc/motd ,
+and the file specified by the
+.Xr ftpd.conf 5
+.Sy limit
+directive.
+.It Fl C Ar user
+Check whether
+.Ar user
+would be granted access under
+the restrictions given in
+.Xr ftpusers 5
+and exit without attempting a connection.
+.Nm
+exits with an exit code of 0 if access would be granted, or 1 otherwise.
+This can be useful for testing configurations.
+.It Fl d
+Debugging information is written to the syslog using a facility of
+.Dv LOG_FTP .
+.It Fl e Ar emailaddr
+Use
+.Ar emailaddr
+for the
+.Dq "\&%E"
+escape sequence (see
+.Sx Display file escape sequences )
+.It Fl h Ar hostname
+Explicitly set the hostname to advertise as to
+.Ar hostname .
+The default is the hostname associated with the IP address that
+.Nm
+is listening on.
+This ability (with or without
+.Fl h ) ,
+in conjunction with 
+.Fl c Ar confdir ,
+is useful when configuring
+.Sq virtual
+.Tn FTP
+servers, each listening on separate addresses as separate names.
+Refer to
+.Xr inetd.conf 5
+for more information on starting services to listen on specific IP addresses.
+.It Fl H
+Equivalent to
+.Do
+-h
+`hostname`
+.Dc .
+.It Fl l
+Each successful and failed
+.Tn FTP
+session is logged using syslog with a facility of
+.Dv LOG_FTP .
+If this option is specified more than once, the retrieve (get), store (put),
+append, delete, make directory, remove directory and rename operations and
+their file name arguments are also logged.
+.It Fl P Ar dataport
+Use
+.Ar dataport
+as the data port, overriding the default of using the port one less
+that the port
+.Nm
+is listening on.
+.It Fl q
+Enable the use of pid files for keeping track of the number of logged-in
+users per class.
+This is the default.
+.It Fl Q
+Disable the use of pid files for keeping track of the number of logged-in
+users per class.
+This may reduce the load on heavily loaded
+.Tn FTP
+servers.
+.It Fl r
+Permanently drop root privileges once the user is logged in.
+The use of this option may result in the server using a port other
+than the (listening-port - 1) for
+.Sy PORT
+style commands, which is contrary to the
+.Cm RFC 959
+specification, but in practice very few clients rely upon this behaviour.
+See
+.Sx SECURITY CONSIDERATIONS
+below for more details.
+.It Fl s
+Require a secure authentication mechanism like Kerberos or S/Key to be used.
+.It Fl u
+Log each concurrent
+.Tn FTP
+session to
+.Pa /var/run/utmp ,
+making them visible to commands such as
+.Xr who 1 .
+.It Fl U
+Don't log each concurrent
+.Tn FTP
+session to
+.Pa /var/run/utmp .
+This is the default.
+.It Fl V Ar version
+Use
+.Ar version
+as the version to advertise in the login banner and in the output of
+.Sy STAT
+and
+.Sy SYST
+instead of the default version information.
+If
+.Ar version
+is empty or
+.Sq -
+then don't display any version information.
+.It Fl w
+Log each
+.Tn FTP
+session to
+.Pa /var/log/wtmp ,
+making them visible to commands such as
+.Xr last 1 .
+This is the default.
+.It Fl W
+Don't log each
+.Tn FTP
+session to
+.Pa /var/log/wtmp .
+.It Fl X
+Log
+.Tn wu-ftpd
+style
+.Sq xferlog
+entries to the syslog, prefixed with
+.Dq "xferlog:\ " ,
+using a facility of
+.Dv LOG_FTP .
+These syslog entries can be converted to a
+.Tn wu-ftpd
+style
+.Pa xferlog
+file suitable for input into a third-party log analysis tool with a command
+similar to:
+.Dl "grep 'xferlog: ' /var/log/xferlog | \e"
+.Dl "\ \ \ sed -e 's/^.*xferlog: //' > wuxferlog"
+.El
+.Pp
+The file
+.Pa /etc/nologin
+can be used to disable
+.Tn FTP
+access.
+If the file exists,
+.Nm
+displays it and exits.
+If the file
+.Pa /etc/ftpwelcome
+exists,
+.Nm
+prints it before issuing the
+.Dq ready
+message.
+If the file
+.Pa /etc/motd
+exists (under the chroot directory if applicable),
+.Nm
+prints it after a successful login.
+This may be changed with the
+.Xr ftpd.conf 5
+directive
+.Sy motd .
+.Pp
+The
+.Nm
+server currently supports the following
+.Tn FTP
+requests.
+The case of the requests is ignored.
+.Bl -column "Request" -offset indent
+.It Sy Request Ta Sy Description
+.It ABOR Ta "abort previous command"
+.It ACCT Ta "specify account (ignored)"
+.It ALLO Ta "allocate storage (vacuously)"
+.It APPE Ta "append to a file"
+.It CDUP Ta "change to parent of current working directory"
+.It CWD Ta "change working directory"
+.It DELE Ta "delete a file"
+.It EPSV Ta "prepare for server-to-server transfer"
+.It EPRT Ta "specify data connection port"
+.It FEAT Ta "list extra features that are not defined in" Cm "RFC 959"
+.It HELP Ta "give help information"
+.It LIST Ta "give list files in a directory" Pq Dq Li "ls -lA"
+.It LPSV Ta "prepare for server-to-server transfer"
+.It LPRT Ta "specify data connection port"
+.It MLSD Ta "list contents of directory in a machine-processable form"
+.It MLST Ta "show a pathname in a machine-processable form"
+.It MKD Ta "make a directory"
+.It MDTM Ta "show last modification time of file"
+.It MODE Ta "specify data transfer" Em mode
+.It NLST Ta "give name list of files in directory"
+.It NOOP Ta "do nothing"
+.It OPTS Ta "define persistent options for a given command"
+.It PASS Ta "specify password"
+.It PASV Ta "prepare for server-to-server transfer"
+.It PORT Ta "specify data connection port"
+.It PWD Ta "print the current working directory"
+.It QUIT Ta "terminate session"
+.It REST Ta "restart incomplete transfer"
+.It RETR Ta "retrieve a file"
+.It RMD Ta "remove a directory"
+.It RNFR Ta "specify rename-from file name"
+.It RNTO Ta "specify rename-to file name"
+.It SITE Ta "non-standard commands (see next section)"
+.It SIZE Ta "return size of file"
+.It STAT Ta "return status of server"
+.It STOR Ta "store a file"
+.It STOU Ta "store a file with a unique name"
+.It STRU Ta "specify data transfer" Em structure
+.It SYST Ta "show operating system type of server system"
+.It TYPE Ta "specify data transfer" Em type
+.It USER Ta "specify user name"
+.It XCUP Ta "change to parent of current working directory (deprecated)"
+.It XCWD Ta "change working directory (deprecated)"
+.It XMKD Ta "make a directory (deprecated)"
+.It XPWD Ta "print the current working directory (deprecated)"
+.It XRMD Ta "remove a directory (deprecated)"
+.El
+.Pp
+The following non-standard or
+.Ux
+specific commands are supported by the SITE request.
+.Pp
+.Bl -column Request -offset indent
+.It Sy Request Ta Sy Description
+.It CHMOD Ta "change mode of a file, e.g. ``SITE CHMOD 755 filename''"
+.It HELP Ta "give help information."
+.It IDLE Ta "set idle-timer, e.g. ``SITE IDLE 60''"
+.It RATEGET Ta "set maximum get rate throttle in bytes/second, e.g. ``SITE RATEGET 5k''"
+.It RATEPUT Ta "set maximum put rate throttle in bytes/second, e.g. ``SITE RATEPUT 5k''"
+.It UMASK Ta "change umask, e.g. ``SITE UMASK 002''"
+.El
+.Pp
+The following
+.Tn FTP
+requests (as specified in
+.Cm RFC 959 )
+are recognized, but are not implemented:
+.Sy ACCT ,
+.Sy SMNT ,
+and
+.Sy REIN .
+.Sy MDTM
+and
+.Sy SIZE
+are not specified in
+.Cm RFC 959 ,
+but will appear in the
+next updated
+.Tn FTP
+RFC.
+.Pp
+The
+.Nm
+server will abort an active file transfer only when the
+.Sy ABOR
+command is preceded by a Telnet "Interrupt Process" (IP)
+signal and a Telnet "Synch" signal in the command Telnet stream,
+as described in Internet
+.Cm RFC 959 .
+If a
+.Sy STAT
+command is received during a data transfer, preceded by a Telnet IP
+and Synch, transfer status will be returned.
+.Pp
+.Nm
+interprets file names according to the
+.Dq globbing
+conventions used by
+.Xr csh 1 .
+This allows users to utilize the metacharacters
+.Dq Li \&*?[]{}~ .
+.Sh User authentication
+.Pp
+.Nm
+authenticates users according to five rules.
+.Pp
+.Bl -enum -offset indent
+.It
+The login name must be in the password data base,
+.Pa /etc/pwd.db ,
+and not have a null password.
+In this case a password must be provided by the client before any
+file operations may be performed.
+If the user has an S/Key key, the response from a successful
+.Sy USER
+command will include an S/Key challenge.
+The client may choose to respond with a
+.Sy PASS
+command giving either
+a standard password or an S/Key one-time password.
+The server will automatically determine which type of password it
+has been given and attempt to authenticate accordingly.
+See
+.Xr skey 1
+for more information on S/Key authentication.
+S/Key is a Trademark of Bellcore.
+.It
+The login name must be allowed based on the information in
+.Xr ftpusers 5 .
+.It
+The user must have a standard shell returned by
+.Xr getusershell 3 .
+If the user's shell field in the password database is empty, the
+shell is assumed to be
+.Pa /bin/sh .
+.It
+If directed by the file
+.Xr ftpchroot 5
+the session's root directory will be changed by
+.Xr chroot 2
+to the directory specified in the
+.Xr ftpd.conf 5
+.Sy chroot
+directive (if set),
+or to the home directory of the user.
+However, the user must still supply a password.
+This feature is intended as a compromise between a fully anonymous account
+and a fully privileged account.
+The account should also be set up as for an anonymous account.
+.It
+If the user name is
+.Dq anonymous
+or
+.Dq ftp ,
+an
+anonymous
+.Tn FTP
+account must be present in the password
+file (user
+.Dq ftp ) .
+In this case the user is allowed
+to log in by specifying any password (by convention an email address for
+the user should be used as the password).
+.Pp
+The server performs a
+.Xr chroot 2
+to the directory specified in the
+.Xr ftpd.conf 5
+.Sy chroot
+directive (if set),
+the
+.Fl a Ar anondir
+directory (if set),
+or to the home directory of the
+.Dq ftp
+user.
+.Pp
+The server then performs a
+.Xr chdir 2
+to the directory specified in the
+.Xr ftpd.conf 5
+.Sy homedir
+directive (if set), otherwise to
+.Pa / .
+.Pp
+If other restrictions are required (such as disabling of certain
+commands and the setting of a specific umask), then appropriate
+entries in
+.Xr ftpd.conf 5
+are required.
+.Pp
+If the first character of the password supplied by an anonymous user
+is
+.Dq - ,
+then the verbose messages displayed at login and upon a
+.Sy CWD
+command are suppressed.
+.El
+.Sh Display file escape sequences
+.Pp
+When
+.Nm
+displays various files back to the client (such as
+.Pa /etc/ftpwelcome
+and
+.Pa /etc/motd ) ,
+various escape strings are replaced with information pertinent
+to the current connection.
+.Pp
+The supported escape strings are:
+.Bl -tag -width "Escape" -offset indent -compact
+.It Sy "Escape"
+.Sy Description
+.It "\&%c"
+Class name.
+.It "\&%C"
+Current working directory.
+.It "\&%E"
+Email address given with
+.Fl e .
+.It "\&%L"
+Local hostname.
+.It "\&%M"
+Maximum number of users for this class.
+Displays
+.Dq unlimited
+if there's no limit.
+.It "\&%N"
+Current number of users for this class.
+.It "\&%R"
+Remote hostname.
+.It "\&%s"
+If the result of the most recent
+.Dq "\&%M"
+or
+.Dq "\&%N"
+was not
+.Dq Li 1 ,
+print an
+.Dq s .
+.It "\&%S"
+If the result of the most recent
+.Dq "\&%M"
+or
+.Dq "\&%N"
+was not
+.Dq Li 1 ,
+print an
+.Dq S .
+.It "\&%T"
+Current time.
+.It "\&%U"
+User name.
+.It "\&%\&%"
+A
+.Dq \&%
+character.
+.El
+.Sh Setting up a restricted ftp subtree
+.Pp
+In order that system security is not breached, it is recommended
+that the
+subtrees for the
+.Dq ftp
+and
+.Dq chroot
+accounts be constructed with care, following these rules
+(replace
+.Dq ftp
+in the following directory names
+with the appropriate account name for
+.Sq chroot
+users):
+.Bl -tag -width "~ftp/incoming" -offset indent
+.It Pa ~ftp
+Make the home directory owned by
+.Dq root
+and unwritable by anyone.
+.It Pa ~ftp/bin
+Make this directory owned by
+.Dq root
+and unwritable by anyone (mode 555).
+Generally any conversion commands should be installed
+here (mode 111).
+.It Pa ~ftp/etc
+Make this directory owned by
+.Dq root
+and unwritable by anyone (mode 555).
+The files
+.Pa pwd.db
+(see
+.Xr passwd 5 )
+and
+.Pa group
+(see
+.Xr group 5 )
+must be present for the
+.Sy LIST
+command to be able to display owner and group names instead of numbers.
+The password field in
+.Xr passwd 5
+is not used, and should not contain real passwords.
+The file
+.Pa motd ,
+if present, will be printed after a successful login.
+These files should be mode 444.
+.It Pa ~ftp/pub
+This directory and the subdirectories beneath it should be owned
+by the users and groups responsible for placing files in them,
+and be writable only by them (mode 755 or 775).
+They should
+.Em not
+be owned or writable by ftp or its group.
+.It Pa ~ftp/incoming
+This directory is where anonymous users place files they upload.
+The owners should be the user
+.Dq ftp
+and an appropriate group.
+Members of this group will be the only users with access to these
+files after they have been uploaded; these should be people who
+know how to deal with them appropriately.
+If you wish anonymous
+.Tn FTP
+users to be able to see the names of the
+files in this directory the permissions should be 770, otherwise
+they should be 370.
+.Pp
+The following
+.Xr ftpd.conf 5
+directives should be used:
+.Dl "modify guest off"
+.Dl "umask  guest 0707"
+.Pp
+This will result in anonymous users being able to upload files to this
+directory, but they will not be able to download them, delete them, or
+overwrite them, due to the umask and disabling of the commands mentioned
+above.
+.It Pa ~ftp/tmp
+This directory is used to create temporary files which contain
+the error messages generated by a conversion or
+.Sy LIST
+command.
+The owner should be the user
+.Dq ftp .
+The permissions should be 300.
+.Pp
+If you don't enable conversion commands, or don't want anonymous users
+uploading files here (see
+.Pa ~ftp/incoming
+above), then don't create this directory.
+However, error messages from conversion or
+.Sy LIST
+commands won't be returned to the user.
+(This is the traditional behaviour.)
+Note that the
+.Xr ftpd.conf 5
+directive
+.Sy upload
+can be used to prevent users uploading here.
+.El
+.Pp
+To set up "ftp-only" accounts that provide only
+.Tn FTP ,
+but no valid shell
+login, you can copy/link
+.Pa /sbin/nologin
+to
+.Pa /sbin/ftplogin ,
+and enter 
+.Pa /sbin/ftplogin 
+to
+.Pa /etc/shells
+to allow logging-in via
+.Tn FTP
+into the accounts, which must have
+.Pa /sbin/ftplogin 
+as login shell.
+.Sh FILES
+.Bl -tag -width /etc/ftpwelcome -compact
+.It Pa /etc/ftpchroot
+List of normal users who should be
+.Xr chroot 2 ed.
+.It Pa /etc/ftpd.conf
+Configure file conversions and other settings.
+.It Pa /etc/ftpusers
+List of unwelcome/restricted users.
+.It Pa /etc/ftpwelcome
+Welcome notice before login.
+.It Pa /etc/motd
+Welcome notice after login.
+.It Pa /etc/nologin
+If it exists, displayed and access is refused.
+.It Pa /var/run/ftpd.pids-CLASS
+State file of logged-in processes for the
+.Nm
+class
+.Sq CLASS .
+.It Pa /var/run/utmp
+List of logged-in users on the system.
+.It Pa /var/log/wtmp
+Login history database.
+.El
+.Sh SEE ALSO
+.Xr ftp 1 ,
+.Xr skey 1 ,
+.Xr who 1 ,
+.Xr getusershell 3 ,
+.Xr ftpd.conf 5 ,
+.Xr ftpchroot 5 ,
+.Xr ftpusers 5 ,
+.Xr syslogd 8
+.Sh STANDARDS
+.Nm
+recognizes all commands in 
+.Cm RFC 959 , 
+follows the guidelines in 
+.Cm RFC 1123 ,
+recognizes all commands in 
+.Cm RFC 2228
+(although they are not supported yet),
+and supports the extensions from
+.Cm RFC 2389 ,
+.Cm RFC 2428
+and
+.Cm draft-ietf-ftpext-mlst-11 .
+.Sh HISTORY
+The
+.Nm
+command appeared in
+.Bx 4.2 .
+.Pp
+Various features such as the
+.Xr ftpd.conf 5
+functionality,
+.Cm RFC 2389 ,
+and
+.Cm draft-ietf-ftpext-mlst-11
+support was implemented in
+.Nx 1.3
+and later releases by Luke Mewburn <lukem@netbsd.org>.
+.Sh BUGS
+The server must run as the super-user to create sockets with
+privileged port numbers (i.e, those less than
+.Dv IPPORT_RESERVED ,
+which is 1024).
+If
+.Nm
+is listening on a privileged port
+it maintains an effective user id of the logged in user, reverting
+to the super-user only when binding addresses to privileged sockets.
+The
+.Fl r
+option can be used to override this behaviour and force privileges to
+be permanently revoked; see
+.Sx SECURITY CONSIDERATIONS
+below for more details.
+.Pp
+.Nm
+may have trouble handling connections from scoped IPv6 addresses, or
+IPv4 mapped addresses
+.Po
+IPv4 connection on
+.Dv AF_INET6
+socket
+.Pc .
+For the latter case, running two daemons,
+one for IPv4 and one for IPv6, will avoid the problem.
+.Sh SECURITY CONSIDERATIONS
+.Cm RFC 959
+provides no restrictions on the
+.Sy PORT
+command, and this can lead to security problems, as
+.Nm
+can be fooled into connecting to any service on any host.
+With the
+.Dq checkportcmd
+feature of the
+.Xr ftpd.conf 5 ,
+.Sy PORT
+commands with different host addresses, or TCP ports lower than
+.Dv IPPORT_RESERVED
+will be rejected.
+This also prevents
+.Sq third-party proxy ftp
+from working.
+Use of this option is
+.Em strongly
+recommended, and enabled by default.
+.Pp
+By default
+.Nm
+uses a port that is one less than the port it is listening on to
+communicate back to the client for the
+.Sy EPRT ,
+.Sy LPRT ,
+and
+.Sy PORT
+commands, unless overridden with
+.Fl P Ar dataport .
+As the default port for
+.Nm
+(21) is a privileged port below
+.Dv IPPORT_RESERVED ,
+.Nm
+retains the ability to switch back to root privileges to bind these
+ports.
+In order to increase security by reducing the potential for a bug in
+.Nm
+providing a remote root compromise,
+.Nm
+will permanently drop root privileges if one of the following is true:
+.Bl -enum -offset indent
+.It
+.Nm
+is running on a port greater than
+.Dv IPPORT_RESERVED
+and the user has logged in as a
+.Sq guest
+or 
+.Sq chroot
+user.
+.It
+.Nm
+was invoked with
+.Fl r .
+.El
+.Pp
+Don't create
+.Pa ~ftp/tmp
+if you don't want anonymous users to upload files there.
+That directory is only necessary if you want to display the error
+messages of conversion commands to the user.
+Note that if uploads are disabled with the
+.Xr ftpd.conf 5
+directive
+.Sy upload ,
+then this directory cannot be abused by the user in this way, so it
+should be safe to create.

contrib/lukemftpd/src/ftpd.conf.5

@@ -0,0 +1,587 @@
+.\"	$NetBSD: ftpd.conf.5,v 1.15 2000/12/18 02:32:51 lukem Exp $
+.\"
+.\" Copyright (c) 1997-2000 The NetBSD Foundation, Inc.
+.\" All rights reserved.
+.\"
+.\" This code is derived from software contributed to The NetBSD Foundation
+.\" by Luke Mewburn.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\"    notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\"    notice, this list of conditions and the following disclaimer in the
+.\"    documentation and/or other materials provided with the distribution.
+.\" 3. All advertising materials mentioning features or use of this software
+.\"    must display the following acknowledgement:
+.\"        This product includes software developed by the NetBSD
+.\"        Foundation, Inc. and its contributors.
+.\" 4. Neither the name of The NetBSD Foundation nor the names of its
+.\"    contributors may be used to endorse or promote products derived
+.\"    from this software without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
+.\" ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+.\" TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+.\" PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
+.\" BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+.\" CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+.\" SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+.\" INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+.\" CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+.\" POSSIBILITY OF SUCH DAMAGE.
+.\"
+.Dd December 18, 2000
+.Dt FTPD.CONF 5
+.Os
+.Sh NAME
+.Nm ftpd.conf
+.Nd
+.Xr ftpd 8
+configuration file
+.Sh DESCRIPTION
+The
+.Nm
+file specifies various configuration options for
+.Xr ftpd 8
+that apply once a user has authenticated their connection.
+.Pp
+.Nm
+consists of a series of lines, each of which may contain a
+configuration directive, a comment, or a blank line.
+Directives that appear later in the file override settings by previous
+directives.
+This allows
+.Sq wildcard
+entries to define defaults, and then have class-specific overrides.
+.Pp
+A directive line has the format:
+.Dl command class [arguments]
+.Pp
+A
+.Dq \e
+is the escape character; it can be used to escape the meaning of the
+comment character, or if it is the last character on a line, extends
+a configuration directive across multiple lines.
+A
+.Dq #
+is the comment character, and all characters from it to the end of
+line are ignored (unless it is escaped with the escape character).
+.Pp
+Each authenticated user is a member of a
+.Em class ,
+which is determined by
+.Xr ftpusers 5 .
+.Em class
+is used to determine which
+.Nm
+entries apply to the user.
+The following special classes exist when parsing entries in
+.Nm "" :
+.Bl -tag -width "chroot" -compact -offset indent
+.It Sy all
+Matches any class.
+.It Sy none
+Matches no class.
+.El
+.Pp
+Each class has a type, which may be one of:
+.Bl -tag -width "CHROOT" -offset indent
+.It Sy GUEST
+Guests (as per the
+.Dq anonymous
+and
+.Dq ftp
+logins).
+A
+.Xr chroot 2
+is performed after login.
+.It Sy CHROOT
+.Xr chroot 2 ed
+users (as per
+.Xr ftpchroot 5 ) .
+A
+.Xr chroot 2
+is performed after login.
+.It Sy REAL
+Normal users.
+.El
+.Pp
+The
+.Xr ftpd 8
+.Sy STAT
+command will return the class settings for the current user as defined by
+.Nm "" .
+.Pp
+Each configuration line may be one of:
+.Bl -tag -width 4n
+.It Sy advertise Ar class Ar host
+Set the address to advertise in the response to the
+.Sy PASV
+and
+.Sy LPSV
+commands to the address for
+.Ar host
+(which may be either a host name or IP address).
+This may be useful in some firewall configurations, although many
+ftp clients may not work if the address being advertised is different
+to the address that they've connected to.
+If
+.Ar class
+is
+.Dq none
+or no argument is given, disable this.
+.It Sy checkportcmd Ar class Op Sy off
+Check the
+.Sy PORT
+command for validity.
+The
+.Sy PORT
+command will fail if the IP address specified does not match the
+.Tn FTP
+command connection, or if the remote TCP port number is less than
+.Dv IPPORT_RESERVED .
+It is
+.Em strongly
+encouraged that this option be used, espcially for sites concerned
+with potential security problems with
+.Tn FTP
+bounce attacks.
+If
+.Ar class
+is
+.Dq none
+or
+.Sy off
+is given, disable this feature, otherwise enable it.
+.It Sy chroot Ar class Op Sy pathformat
+If
+.Ar pathformat
+is not given or
+.Ar class
+is
+.Dq none ,
+use the default behaviour (see below).
+Otherwise,
+.Ar pathformat
+is parsed to create a directory to create as the root directory with
+.Xr chroot 2
+into upon login.
+.Pp
+.Ar pathformat
+can contain the following escape strings:
+.Bl -tag -width "Escape" -offset indent -compact
+.It Sy "Escape"
+.Sy Description
+.It "\&%c"
+Class name.
+.It "\&%d"
+Home directory of user.
+.It "\&%u"
+User name.
+.It "\&%\&%"
+A
+.Dq \&%
+character.
+.El
+.Pp
+The default root directory is:
+.Bl -tag -width "CHROOT" -offset indent -compact
+.It Sy CHROOT
+The user's home directory.
+.It Sy GUEST
+If
+.Fl a Ar anondir
+is given, use
+.Ar anondir ,
+otherwise the home directory of the
+.Sq ftp
+user.
+.It Sy REAL
+By default no
+.Xr chroot 2
+is performed.
+.El
+.It Sy classtype Ar class Ar type
+Set the class type of
+.Ar class
+to
+.Ar type 
+(see above).
+.It Xo Sy conversion Ar class
+.Ar suffix Op Ar "type disable command"
+.Xc
+Define an automatic in-line file conversion.
+If a file to retrieve ends in
+.Ar suffix ,
+and a real file (sans
+.Ar suffix )
+exists, then the output of
+.Ar command
+is returned instead of the contents of the file.
+.Pp
+.Bl -tag -width "disable" -offset indent
+.It Ar suffix
+The suffix to initiate the conversion.
+.It Ar type
+A list of valid filetypes for the conversion.
+Valid types are:
+.Sq f
+(file), and
+.Sq d
+(directory).
+.It Ar disable
+The name of file that will prevent conversion if it exists.
+A file name of
+.Dq Pa \&.
+will prevent this disabling action
+(i.e., the conversion is always permitted.)
+.It Ar command
+The command to run for the conversion.
+The first word should be the full path name
+of the command, as
+.Xr execv 3
+is used to execute the command.
+All instances of the word
+.Dq %s
+in
+.Ar command
+are replaced with the requested file (sans
+.Ar suffix ) .
+.El
+.Pp
+Conversion directives specified later in the file override earlier
+conversions with the same suffix.
+.It Sy display Ar class Op Ar file
+If
+.Ar file
+is not given or
+.Ar class
+is
+.Dq none ,
+disable this.
+Otherwise, each time the user enters a new directory, check if
+.Ar file
+exists, and if so, display its contents to the user.
+Escape sequences are supported; refer to
+.Sx Display file escape sequences
+in
+.Xr ftpd 8
+for more information.
+.It Sy homedir Ar class Op Sy pathformat
+If
+.Ar pathformat
+is not given or
+.Ar class
+is
+.Dq none ,
+use the default behaviour (see below).
+Otherwise,
+.Ar pathformat
+is parsed to create a directory to change into upon login, and to use
+as the
+.Sq home
+directory of the user for tilde expansion in pathnames, etc.
+.Ar pathformat
+is parsed as per the
+.Sy chroot
+directive.
+.Pp
+The default home directory is the home directory of the user for
+.Sy REAL
+users, and
+.Pa /
+for
+.Sy GUEST
+and
+.Sy CHROOT
+users.
+.It Xo Sy limit Ar class
+.Ar count Op Ar file
+.Xc
+Limit the maximum number of concurrent connections for
+.Ar class
+to
+.Ar count ,
+with
+.Sq 0
+meaning unlimited connections.
+If the limit is exceeded and
+.Ar file
+is given, display its contents to the user.
+If
+.Ar class
+is
+.Dq none
+or
+.Ar count
+is not specified, disable this.
+If
+.Ar file
+is a relative path, it will be searched for in
+.Pa /etc
+(which can be overridden with
+.Fl c Ar confdir ) .
+.It Sy maxfilesize Ar class Ar size
+Set the maximum size of an uploaded file to
+.Ar size .
+If
+.Ar class
+is
+.Dq none
+or no argument is given, disable this.
+.It Sy maxtimeout Ar class Ar time
+Set the maximum timeout period that a client may request,
+defaulting to two hours.
+This cannot be less than 30 seconds, or the value for
+.Sy timeout .
+If
+.Ar class
+is
+.Dq none
+or
+.Ar time
+is not specified, set to default of 2 hours.
+.It Sy modify Ar class Op Sy off
+If
+.Ar class
+is
+.Dq none
+or
+.Sy off
+is given, disable the following commands:
+.Sy CHMOD ,
+.Sy DELE ,
+.Sy MKD ,
+.Sy RMD ,
+.Sy RNFR ,
+and
+.Sy UMASK .
+Otherwise, enable them.
+.It Sy motd Ar class Op Ar file
+If
+.Ar file
+is not given or
+.Ar class
+is
+.Dq none ,
+disable this.
+Otherwise, use
+.Ar file
+as the message of the day file to display after login.
+Escape sequences are supported; refer to
+.Sx Display file escape sequences
+in
+.Xr ftpd 8
+for more information.
+If
+.Ar file
+is a relative path, it will be searched for in
+.Pa /etc
+(which can be overridden with
+.Fl c Ar confdir ) .
+.It Sy notify Ar class Op Ar fileglob
+If
+.Ar fileglob
+is not given or
+.Ar class
+is
+.Dq none ,
+disable this.
+Otherwise, each time the user enters a new directory,
+notify the user of any files matching
+.Ar fileglob .
+.It Sy passive Ar class Op Sy off
+If
+.Ar class
+is
+.Dq none
+or
+.Sy off
+is given, disallow passive
+.Sy ( PASV ,
+.Sy LPSV ,
+and
+.Sy EPSV )
+connections.
+Otherwise, enable them.
+.It Sy portrange Ar class Ar min Ar max
+Set the range of port number which will be used for the passive data port.
+.Ar max
+must be greater than
+.Ar min ,
+and both numbers must be be between
+.Dv IPPORT_RESERVED 
+(1024) and 65535.
+If
+.Ar class
+is
+.Dq none
+or no arguments are given, disable this.
+.It Sy rateget Ar class Ar rate
+Set the maximum get
+.Pq Sy RETR
+transfer rate throttle for
+.Ar class
+to
+.Ar rate
+bytes per second.
+If
+.Ar rate
+is 0, the throttle is disabled.
+If
+.Ar class
+is
+.Dq none
+or no arguments are given, disable this.
+.Pp
+An optional suffix may be provided, which changes the intrepretation of
+.Ar rate
+as follows:
+.Bl -tag -width 3n -offset indent -compact
+.It b
+Causes no modification. (Default; optional)
+.It k
+Kilo; multiply the argument by 1024
+.It m
+Mega; multiply the argument by 1048576
+.It g
+Giga; multiply the argument by 1073741824
+.It t
+Tera; multiply the argument by 1099511627776
+.El
+.It Sy rateput Ar class Ar rate
+Set the maximum put
+.Pq Sy STOR
+transfer rate throttle for
+.Ar class
+to
+.Ar rate 
+bytes per second,
+which is parsed as per
+.Sy rateget Ar rate .
+If
+.Ar class
+is
+.Dq none
+or no arguments are given, disable this.
+.It Sy sanenames Ar class Op Sy off
+If
+.Ar class
+is
+.Dq none
+or
+.Sy off
+is given, allow uploaded file names to contain any characters valid for a
+file name.
+Otherwise, only permit file names which don't start with a
+.Sq \&.
+and only comprise of characters from the set
+.Dq [-+,._A-Za-z0-9] .
+.It Sy template Ar class Op Ar refclass
+Define
+.Ar refclass
+as the
+.Sq template
+for
+.Ar class ;
+any reference to
+.Ar refclass
+in following directives will also apply to members of
+.Ar class .
+This is useful to define a template class so that other classes which are
+to share common attributes can be easily defined without unnecessary
+duplication.
+There can be only one template defined at a time.
+If
+.Ar refclass
+is not given, disable the template for
+.Ar class .
+.It Sy timeout Ar class Ar time
+Set the inactivity timeout period.
+(the default is fifteen minutes).
+This cannot be less than 30 seconds, or greater than the value for
+.Sy maxtimeout .
+If
+.Ar class
+is
+.Dq none
+or
+.Ar time
+is not specified, set to the default of 15 minutes.
+.It Sy umask Ar class Ar umaskval
+Set the umask to
+.Ar umaskval .
+If
+.Ar class
+is
+.Dq none
+or
+.Ar umaskval
+is not specified, set to the default of 
+.Li 027 .
+.It Sy upload Ar class Op Sy off
+If
+.Ar class
+is
+.Dq none
+or
+.Sy off
+is given, disable the following commands:
+.Sy APPE ,
+.Sy STOR ,
+and
+.Sy STOU ,
+as well as the modify commands:
+.Sy CHMOD ,
+.Sy DELE ,
+.Sy MKD ,
+.Sy RMD ,
+.Sy RNFR ,
+and
+.Sy UMASK .
+Otherwise, enable them.
+.El
+.Sh DEFAULTS
+The following defaults are used:
+.Pp
+.Bd -literal -offset indent -compact
+checkportcmd  all
+classtype     chroot CHROOT
+classtype     guest  GUEST
+classtype     real   REAL
+display       none
+limit         all    -1     # unlimited connections
+maxtimeout    all    7200   # 2 hours
+modify        all
+motd          all    motd
+notify        none
+passive       all
+timeout       all    900    # 15 minutes
+umask         all    027
+upload        all
+modify        guest  off
+umask         guest  0707
+.Ed
+.Sh FILES
+.Bl -tag -width /usr/share/examples/ftpd/ftpd.conf -compact
+.It Pa /etc/ftpd.conf
+This file.
+.It Pa /usr/share/examples/ftpd/ftpd.conf
+A sample
+.Nm
+file.
+.El
+.Sh SEE ALSO
+.Xr ftpchroot 5 ,
+.Xr ftpusers 5 ,
+.Xr ftpd 8
+.Sh HISTORY
+The
+.Nm
+functionality was implemented in
+.Nx 1.3
+and later releases by Luke Mewburn, based on work by Simon Burge.

contrib/lukemftpd/src/ftpusers.5

@@ -0,0 +1,183 @@
+.\"	$NetBSD: ftpusers.5,v 1.10 2001/04/25 01:46:26 lukem Exp $
+.\"
+.\" Copyright (c) 1997-2001 The NetBSD Foundation, Inc.
+.\" All rights reserved.
+.\"
+.\" This code is derived from software contributed to The NetBSD Foundation
+.\" by Luke Mewburn.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\"    notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\"    notice, this list of conditions and the following disclaimer in the
+.\"    documentation and/or other materials provided with the distribution.
+.\" 3. All advertising materials mentioning features or use of this software
+.\"    must display the following acknowledgement:
+.\"        This product includes software developed by the NetBSD
+.\"        Foundation, Inc. and its contributors.
+.\" 4. Neither the name of The NetBSD Foundation nor the names of its
+.\"    contributors may be used to endorse or promote products derived
+.\"    from this software without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
+.\" ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+.\" TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+.\" PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
+.\" BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+.\" CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+.\" SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+.\" INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+.\" CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+.\" POSSIBILITY OF SUCH DAMAGE.
+.\"
+.Dd July 17, 2000
+.Dt FTPUSERS 5
+.Os
+.Sh NAME
+.Nm ftpusers ,
+.Nm ftpchroot
+.Nd
+.Xr ftpd 8
+access control file
+.Sh DESCRIPTION
+The
+.Nm
+file provides user access control for
+.Xr ftpd 8
+by defining which users may login.
+.Pp
+If the
+.Nm
+file does not exist, all users are denied access.
+.Pp
+A
+.Dq \e
+is the escape character; it can be used to escape the meaning of the
+comment character, or if it is the last character on a line, extends
+a configuration directive across multiple lines.
+A
+.Dq #
+is the comment character, and all characters from it to the end of
+line are ignored (unless it is escaped with the escape character).
+.Pp
+The syntax of each line is:
+.Dl userglob[:groupglob][@host] [directive [class]]
+.Pp
+These elements are:
+.Bl -tag -width "groupglob" -offset indent
+.It Sy userglob
+matched against the user name, using
+.Xr fnmatch 3
+glob matching
+(e.g,
+.Sq f* ) .
+.It Sy groupglob
+matched against all the groups that the user is a member of, using
+.Xr fnmatch 3
+glob matching
+(e.g,
+.Sq *src ) .
+.It Sy host
+either a CIDR address (refer to
+.Xr inet_net_pton 3 )
+to match against the remote address
+(e.g,
+.Sq 1.2.3.4/24 ) ,
+or a glob to match against the remote hostname
+(e.g,
+.Sq *.netbsd.org ) .
+.It Sy directive
+If
+.Dq allow
+or
+.Dq yes
+the user is allowed access.
+If
+.Dq deny
+or
+.Dq no ,
+or
+.Sy directive
+is not given, the user is denied access.
+.It Sy class
+defines the class to use in
+.Xr ftpd.conf 5 .
+.El
+.Pp
+If
+.Sy class
+is not given, it defaults to one of the following:
+.Bl -tag -width "chroot" -offset indent
+.It Sy chroot
+If there is a match in
+.Sx /etc/ftpchroot
+for the user.
+.It Sy guest
+If the user name is
+.Dq anonymous
+or
+.Sq ftp .
+.It Sy real
+If neither of the above is true.
+.El
+.Pp
+No further comparisons are attempted after the first successful match.
+If no match is found, the user is granted access.
+This syntax is backward-compatable with the old syntax.
+.Pp
+If a user requests a guest login, the
+.Xr ftpd 8
+server checks to see that
+both
+.Dq anonymous
+and
+.Dq ftp
+have access, so if you deny all users by default, you will need to add both
+.Dq "anonymous allow"
+and
+.Dq "ftp allow"
+to
+.Pa /etc/ftpusers
+in order to allow guest logins.
+.Ss /etc/ftpchroot
+The file
+.Pa /etc/ftpchroot
+is used to determine which users will have their session's root directory
+changed (using
+.Xr chroot 2 ) ,
+either to the directory specified in the
+.Xr ftpd.conf 5
+.Sy chroot
+directive (if set),
+or to the home directory of the user.
+If the file does not exist, the root directory change is not performed.
+.Pp
+The syntax is similar to
+.Nm "" ,
+except that the
+.Sy class
+argument is ignored.
+If there's a positive match, the session's root directory is changed.
+No further comparisons are attempted after the first successful match.
+This syntax is backward-compatable with the old syntax.
+.Sh FILES
+.Bl -tag -width /etc/ftpchroot -compact
+.It Pa /etc/ftpchroot
+List of normal users who should be
+.Xr chroot 2 ed.
+.It Pa /etc/ftpusers
+This file.
+.It Pa /usr/share/examples/ftpd/ftpusers
+A sample
+.Nm
+file.
+.El
+.Sh SEE ALSO
+.Xr fnmatch 3 ,
+.Xr inet_net_pton 3 ,
+.Xr ftpd.conf 5 ,
+.Xr ftpd 8

contrib/lukemftpd/src/logutmp.c

@@ -0,0 +1,111 @@
+/*
+ * Portions Copyright (c) 1988, 1993
+ *	The Regents of the University of California.  All rights reserved.
+ * Portions Copyright (c) 1996, Jason Downs.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *	This product includes software developed by the University of
+ *	California, Berkeley and its contributors.
+ * 4. Neither the name of the University nor the names of its contributors
+ *    may be used to endorse or promote products derived from this software
+ *    without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "lukemftpd.h"
+
+typedef struct utmp UTMP;
+
+static int fd = -1;
+static int topslot = -1;
+
+/*
+ * Special versions of login()/logout() which hold the utmp file open,
+ * for use with ftpd.
+ */
+
+void
+login(const UTMP *ut)
+{
+	UTMP ubuf;
+
+	/*
+	 * First, loop through /etc/ttys, if needed, to initialize the
+	 * top of the tty slots, since ftpd has no tty.
+	 */
+	if (topslot < 0) {
+		topslot = 0;
+		while (getttyent() != (struct ttyent *)NULL)
+			topslot++;
+	}
+	if ((topslot < 0) || ((fd < 0)
+	    && (fd = open(_PATH_UTMP, O_RDWR|O_CREAT, 0644)) < 0))
+	    	return;
+
+	/*
+	 * Now find a slot that's not in use...
+	 */
+	(void)lseek(fd, (off_t)(topslot * sizeof(UTMP)), SEEK_SET);
+
+	while (1) {
+		if (read(fd, &ubuf, sizeof(UTMP)) == sizeof(UTMP)) {
+			if (!ubuf.ut_name[0]) {
+				(void)lseek(fd, -(off_t)sizeof(UTMP), SEEK_CUR);
+				break;
+			}
+			topslot++;
+		} else {
+			(void)lseek(fd, (off_t)(topslot * sizeof(UTMP)),
+			    SEEK_SET);
+			break;
+		}
+	}
+
+	(void)write(fd, ut, sizeof(UTMP));
+}
+
+int
+logout(const char *line)
+{
+	UTMP ut;
+	int rval;
+
+	rval = 0;
+	if (fd < 0)
+		return(rval);
+
+	(void)lseek(fd, 0, SEEK_SET);
+
+	while (read(fd, &ut, sizeof(UTMP)) == sizeof(UTMP)) {
+		if (!ut.ut_name[0]
+		    || strncmp(ut.ut_line, line, UT_LINESIZE))
+			continue;
+		memset(ut.ut_name, 0, UT_NAMESIZE);
+		memset(ut.ut_host, 0, UT_HOSTSIZE);
+		(void)time(&ut.ut_time);
+		(void)lseek(fd, -(off_t)sizeof(UTMP), SEEK_CUR);
+		(void)write(fd, &ut, sizeof(UTMP));
+		rval = 1;
+	}
+	return(rval);
+}

contrib/lukemftpd/src/logwtmp.c

@@ -0,0 +1,65 @@
+/*	$NetBSD: logwtmp.c,v 1.16 2001/02/04 22:04:12 christos Exp $	*/
+
+/*
+ * Copyright (c) 1988, 1993
+ *	The Regents of the University of California.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *	This product includes software developed by the University of
+ *	California, Berkeley and its contributors.
+ * 4. Neither the name of the University nor the names of its contributors
+ *    may be used to endorse or promote products derived from this software
+ *    without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ */
+
+#include "lukemftpd.h"
+
+#include "extern.h"
+
+static int fd = -1;
+
+/*
+ * Modified version of logwtmp that holds wtmp file open
+ * after first call, for use with ftp (which may chroot
+ * after login, but before logout).
+ */
+void
+logwtmp(const char *line, const char *name, const char *host)
+{
+	struct utmp ut;
+	struct stat buf;
+
+	if (fd < 0 && (fd = open(_PATH_WTMP, O_WRONLY|O_APPEND, 0)) < 0)
+		return;
+	if (fstat(fd, &buf) == 0) {
+		(void)strncpy(ut.ut_line, line, sizeof(ut.ut_line));
+		(void)strncpy(ut.ut_name, name, sizeof(ut.ut_name));
+		(void)strncpy(ut.ut_host, host, sizeof(ut.ut_host));
+		(void)time(&ut.ut_time);
+		if (write(fd, (char *)&ut, sizeof(struct utmp)) !=
+		    sizeof(struct utmp))
+			(void)ftruncate(fd, buf.st_size);
+	}
+}

contrib/lukemftpd/src/pathnames.h

@@ -0,0 +1,51 @@
+/*	$NetBSD: pathnames.h,v 1.10 2000/03/06 21:42:26 lukem Exp $	*/
+
+/*
+ * Copyright (c) 1989, 1993
+ *	The Regents of the University of California.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *	This product includes software developed by the University of
+ *	California, Berkeley and its contributors.
+ * 4. Neither the name of the University nor the names of its contributors
+ *    may be used to endorse or promote products derived from this software
+ *    without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ *	@(#)pathnames.h	8.1 (Berkeley) 6/4/93
+ */
+
+#ifndef	_DEFAULT_CONFDIR
+#define	_DEFAULT_CONFDIR	"/etc"
+#endif
+
+#define	_PATH_FTPCHROOT		"ftpchroot"
+#define	_PATH_FTPDCONF		"ftpd.conf"
+#define	_PATH_FTPLOGINMESG	"motd"
+#undef	_PATH_FTPUSERS
+#define	_PATH_FTPUSERS		"ftpusers"
+#define	_PATH_FTPWELCOME	"ftpwelcome"
+
+#define _PATH_CLASSPIDS		"/var/run/ftpd.pids-"
+
+#define	TMPFILE			"/tmp/ftpdXXXXXXX"

contrib/lukemftpd/src/popen.c

@@ -0,0 +1,236 @@
+/*	$NetBSD: popen.c,v 1.26 2001/04/25 01:46:26 lukem Exp $	*/
+
+/*-
+ * Copyright (c) 1999-2001 The NetBSD Foundation, Inc.
+ * All rights reserved.
+ *
+ * This code is derived from software contributed to The NetBSD Foundation
+ * by Luke Mewburn.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *        This product includes software developed by the NetBSD
+ *        Foundation, Inc. and its contributors.
+ * 4. Neither the name of The NetBSD Foundation nor the names of its
+ *    contributors may be used to endorse or promote products derived
+ *    from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+ * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
+ * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ */
+
+/*
+ * Copyright (c) 1988, 1993, 1994
+ *	The Regents of the University of California.  All rights reserved.
+ *
+ * This code is derived from software written by Ken Arnold and
+ * published in UNIX Review, Vol. 6, No. 8.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *	This product includes software developed by the University of
+ *	California, Berkeley and its contributors.
+ * 4. Neither the name of the University nor the names of its contributors
+ *    may be used to endorse or promote products derived from this software
+ *    without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ */
+
+#include "lukemftpd.h"
+
+#include "extern.h"
+
+#define INCR	100
+/*
+ * Special version of popen which avoids call to shell.  This ensures no-one
+ * may create a pipe to a hidden program as a side effect of a list or dir
+ * command.
+ * If stderrfd != -1, then send stderr of a read command there,
+ * otherwise close stderr.
+ */
+static int *pids;
+static int fds;
+
+extern int ls_main(int, char *[]);
+
+FILE *
+ftpd_popen(char *argv[], const char *type, int stderrfd)
+{
+	FILE *iop;
+	int argc, pdes[2], pid, isls;
+	char **pop;
+	StringList *sl;
+
+	iop = NULL;
+	isls = 0;
+	if ((*type != 'r' && *type != 'w') || type[1])
+		return (NULL);
+
+	if (!pids) {
+		if ((fds = getdtablesize()) <= 0)
+			return (NULL);
+		if ((pids = (int *)malloc((u_int)(fds * sizeof(int)))) == NULL)
+			return (NULL);
+		memset(pids, 0, fds * sizeof(int));
+	}
+	if (pipe(pdes) < 0)
+		return (NULL);
+
+	if ((sl = sl_init()) == NULL)
+		goto pfree;
+
+					/* glob each piece */
+	if (sl_add(sl, xstrdup(argv[0])) == -1)
+		goto pfree;
+	for (argc = 1; argv[argc]; argc++) {
+		glob_t gl;
+		int flags = GLOB_BRACE|GLOB_NOCHECK|GLOB_TILDE|GLOB_LIMIT;
+
+		memset(&gl, 0, sizeof(gl));
+		if (glob(argv[argc], flags, NULL, &gl)) {
+			if (sl_add(sl, xstrdup(argv[argc])) == -1) {
+				globfree(&gl);
+				goto pfree;
+			}
+		} else {
+			for (pop = gl.gl_pathv; *pop; pop++) {
+				if (sl_add(sl, xstrdup(*pop)) == -1) {
+					globfree(&gl);
+					goto pfree;
+				}
+			}
+		}
+		globfree(&gl);
+	}
+	if (sl_add(sl, NULL) == -1)
+		goto pfree;
+
+#ifndef NO_INTERNAL_LS
+	isls = (strcmp(sl->sl_str[0], INTERNAL_LS) == 0);
+#endif
+
+#if HAVE_VFORK
+	pid = isls ? fork() : vfork();
+#else
+	pid = fork();
+#endif
+	switch (pid) {
+	case -1:			/* error */
+		(void)close(pdes[0]);
+		(void)close(pdes[1]);
+		goto pfree;
+		/* NOTREACHED */
+	case 0:				/* child */
+		if (*type == 'r') {
+			if (pdes[1] != STDOUT_FILENO) {
+				dup2(pdes[1], STDOUT_FILENO);
+				(void)close(pdes[1]);
+			}
+			if (stderrfd == -1)
+				(void)close(STDERR_FILENO);
+			else
+				dup2(stderrfd, STDERR_FILENO);
+			(void)close(pdes[0]);
+		} else {
+			if (pdes[0] != STDIN_FILENO) {
+				dup2(pdes[0], STDIN_FILENO);
+				(void)close(pdes[0]);
+			}
+			(void)close(pdes[1]);
+		}
+#ifndef NO_INTERNAL_LS
+		if (isls) {	/* use internal ls */
+#if HAVE_OPTRESET
+			optreset = 1;
+#endif
+			optind = optopt = 1;
+			closelog();
+			exit(ls_main(sl->sl_cur - 1, sl->sl_str));
+		}
+#endif
+
+		execv(sl->sl_str[0], sl->sl_str);
+		_exit(1);
+	}
+	/* parent; assume fdopen can't fail...  */
+	if (*type == 'r') {
+		iop = fdopen(pdes[0], type);
+		(void)close(pdes[1]);
+	} else {
+		iop = fdopen(pdes[1], type);
+		(void)close(pdes[0]);
+	}
+	pids[fileno(iop)] = pid;
+
+ pfree:
+	if (sl)
+		sl_free(sl, 1);
+	return (iop);
+}
+
+int
+ftpd_pclose(FILE *iop)
+{
+	int fdes, status;
+	pid_t pid;
+	sigset_t sigset, osigset;
+
+	/*
+	 * pclose returns -1 if stream is not associated with a
+	 * `popened' command, or, if already `pclosed'.
+	 */
+	if (pids == 0 || pids[fdes = fileno(iop)] == 0)
+		return (-1);
+	(void)fclose(iop);
+	sigemptyset(&sigset);
+	sigaddset(&sigset, SIGINT);
+	sigaddset(&sigset, SIGQUIT);
+	sigaddset(&sigset, SIGHUP);
+	sigprocmask(SIG_BLOCK, &sigset, &osigset);
+	while ((pid = waitpid(pids[fdes], &status, 0)) < 0 && errno == EINTR)
+		continue;
+	sigprocmask(SIG_SETMASK, &osigset, NULL);
+	pids[fdes] = 0;
+	if (pid < 0)
+		return (pid);
+	if (WIFEXITED(status))
+		return (WEXITSTATUS(status));
+	return (1);
+}

contrib/lukemftpd/src/version.h

@@ -0,0 +1,40 @@
+/*	$NetBSD: version.h,v 1.32 2001/04/25 01:46:26 lukem Exp $	*/
+/*-
+ * Copyright (c) 1999-2001 The NetBSD Foundation, Inc.
+ * All rights reserved.
+ *
+ * This code is derived from software contributed to The NetBSD Foundation
+ * by Luke Mewburn.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *	This product includes software developed by the NetBSD
+ *	Foundation, Inc. and its contributors.
+ * 4. Neither the name of The NetBSD Foundation nor the names of its
+ *    contributors may be used to endorse or promote products derived
+ *    from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
+ * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
+ * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
+ * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#ifndef FTPD_VERSION
+#define	FTPD_VERSION	"NetBSD-ftpd 20010425"
+#endif

contrib/lukemftpd/todo

@@ -0,0 +1,17 @@
+autoconf checks:
+	- HAVE_FTP_NAMES if FTP_NAMES et al in <arpa/ftp.h>
+	- replace getopt() if optreset (BSD) or getoptreset() (irix)
+	  is not available?
+	- IF_NAMESIZE not available on darwin
+
+fix internalls (actually fts) on IRIX
+
+enable utmp stuff (need to make it portable)
+
+enable wtmp stuff (need to make it portable)
+
+enable kerberos support once its fixed?
+
+add getenv(3) to replace putenv(3) cruft?
+
+barf if neither flock() nor lockf() is available